critical security vulnaribility fixed in Tor 0.1.2.16
Roger Dingledine
arma at mit.edu
Sat Aug 4 18:23:12 UTC 2007
On Sat, Aug 04, 2007 at 04:40:04PM +0200, vikingserver at gmail.com wrote:
> Perhaps someone else has an answer for this.<br>
> Nothing in coderman's short answers have made this clear to me. The
> answers look rather confusing to me, sorry.<br>
(Typing on defcon network so will be quite brief)
The short answer is yes, this is an attack, and no, we're not going
to tell you exactly how it works yet. That's because several hundred
thousand people are vulnerable, and we're going to give them several
weeks to upgrade before we arm random people on the Internet with the
ability to launch this attack against them.
You should be one of the people who upgrades. :)
--Roger
More information about the tor-talk
mailing list