[tor-bugs] #8040 [Obfsproxy]: hiding command line arguments
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 26 20:04:40 UTC 2014
#8040: hiding command line arguments
---------------------------+-----------------------------------------------
Reporter: roytam1 | Owner: asn
Type: | Status: new
enhancement | Milestone:
Priority: minor | Version:
Component: Obfsproxy | Keywords: scramblesuit, shared secret, easy
Resolution: | Parent ID:
Actual Points: |
Points: |
---------------------------+-----------------------------------------------
Comment (by atagar):
> Isn't that method susceptible to a timing attack too?
This threw me off for a second. It's not a timing attack (or at least not
by the definition I know, and wikipedia uses), but you're right that it
would indeed still be vulnerable for a window. And agreed that either a
password file or getpass prompt would be better options.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8040#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list