[email protected] wrote:
What began as a simple reply to a Tor user on the subject of
downloading PDF files through Tor, turned into a wealth of
information on Tor OPSEC. I am adding this post to the list
because others might find it as useful as I have. Cheers.
Origin of discussion:
http://ubuntuforums.org/showthread.php?&t=1890619
[snip]
Remember, you're downloading PDF files through Tor, and unless
you verify each file through checksum verification (like MD5 or
GPG) there's a chance they could've been trojaned ...
MD5 has been known to be cryptographically broken for some years now.
It should NEVER be used to verfiy something has not been malicously altered.
Jim
_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
