On Mon, May 15, 2017 at 09:58:26AM +0200, Cristian Consonni wrote: > Interesting. In fact, I though that downloading the whole browser seemed > to be not so smart, surely there are better ways to connect > programmatically to the tor network.
It is not the whole browser -- it is the "windows expert bundle": https://www.torproject.org/download/download So it is indeed stupid to treat its libraries like the cloud, but not so stupid that it's fetching the whole tor browser. > To my untrained eye, this malware seems to be both clever > (self-replication) and dumb (kill switch, downloading the browser) at > the same time. Also ask yourself whether it checks the signature of the tor win32 thing that it downloads before running it. :( Good thing we're not evil. --Roger _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
