[tor-bugs] #2870 [Vidalia]: Security breach? Windows version always goes through same 'suspected' USA servers

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat Apr 23 19:14:42 UTC 2011


#2870: Security breach? Windows version always goes through same 'suspected' USA
servers
---------------------+------------------------------------------------------
 Reporter:  Al       |          Owner:  chiiph                        
     Type:  defect   |         Status:  new                           
 Priority:  normal   |      Milestone:  Tor Browser Bundle for Windows
Component:  Vidalia  |        Version:                                
 Keywords:           |         Parent:                                
   Points:           |   Actualpoints:                                
---------------------+------------------------------------------------------

Comment(by Al):

 Follow-up:

 Tor now works as before (since 3 days)!

 I can't be sure what causes it to work as before, as there are a lot of
 different possibilities into which I have no insight. Have there been server
 changes? Has my ISP or some secret service made something different?
 Etcetera?

 But what I do know is that the change coincided with removing Kaspersky
 PURE. The program made unasked-for connections (not-permitted Cloud file
 analyses) to their servers in China to Washington, Britain to Russia,
 etcetera. Trying to block it with PeerBlock was impossible; it just
 started to make 10 different connections a second, until it found one of
 their IPs that was not blocked. Sandboxing avp.exe with Comodo
 worked, but then Kaspersky started sabotaging the internet connections of
 my other programs.

 After removing Kaspersky (again: could be accidental and coinciding with
 some other change), I can connect again with Tor to my email accounts, to
 the torproject.org page itself, to news.google, etcetera.

 Before, I had another positive change after removing the Tor browser+IM
 download and changing it for the Tor download without IM: then I no longer
 had the obliged USA servers BADASSx, Blackbockx, FordmodelA/x
 that I always got and could not click away even when clicking away 2 a
 second. Thereafter this part of the problem was resolved, but the other
 part (emails and some other connections blocked) continued until I removed
 Kaspersky.

 OK; now I'd like to have some feedback here: Have there been major changes to
 the Tor servers (in USA/Mexico) that accidentally coincided with one of
 the two positive events I mention?

 If not, can you investigate if it's possible that a security issue in
 Tor+IM could have been used to give me always those obliged USA servers?

 Same for Kaspersky: could that have blocked some specific Tor-made
 connections, while I at the same time could reach those IPs without using
 Tor?

 For your information: we have an official government document that we are
 listed (although on intelligence falsifications for higher power politics
 and to protect their crimes of corruption), so it would be strange to
 think that we would not be monitored; that is just what they have to do.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2870#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

