[tor-talk] Tor OPSEC - Operational Security - Great Resource of Information!
Jimmymac at copper.net
Thu Dec 15 00:40:09 UTC 2011
wakeupneo555 at Safe-mail.net wrote:
> What began as a simple reply to a Tor user on the subject of
> downloading PDF files through Tor, turned into a wealth of
> information on Tor OPSEC. I am adding this post to the list
> because others might find it as useful as I have. Cheers.
> Origin of discussion:
> Remember, you're downloading PDF files through Tor, and unless
> you verify each file through checksum verification (like MD5 or
> GPG) there's a chance they could've been trojaned ...
MD5 has been known to be cryptographically broken for some years now.
It should NEVER be used to verfiy something has not been malicously altered.
More information about the tor-talk