[tor-talk] Tor compromised?

Roger Dingledine arma at mit.edu
Thu Oct 13 15:40:56 UTC 2011


On Thu, Oct 13, 2011 at 08:59:35AM -0400, andrew at torproject.org wrote:
>  it sounds like they wrote malware to watch the ram
> in a MS Windows relay and exploit MS Windows weaknesses to read some
> crypto keys.

Also, keep an eye out for claims like "25% of the Tor relays runs
Windows, so if I can break into all relays on Windows, I'll own 25%
of the Tor network."

Tor clients load-balance over relays based on the relay capacity,
so the statement should really be about how much of the *capacity*
of the Tor network is on Windows. That's a bit messier to calculate,
but I bet it's nowhere near 25%.

I don't mean to say that being able to break into, say, 3% of the Tor
network is irrelevant -- but if claims like this do eventually emerge,
it would show that either he doesn't understand the Tor design, or he
has no interest in letting facts get in the way of his claims.

More broadly, this just looks like another case of a guy who wants to
get publicity and have everybody think he's amazing, and the best way
he knows how to do that is to wait until the last possible moment before
anybody can learn what his claims are.

--Roger



More information about the tor-talk mailing list