[tor-talk] Hidden service security w. Apache/Win32

Ralf-Philipp Weinmann ralf at coderpunks.org
Mon Feb 20 16:06:28 UTC 2012

On 2012-02-19 19:58 CET, Ondrej Mikle wrote:

> Addendum for truly "uberparanoid" installation:
> [various "best practices"]
> With the uberparanoid installation, the greatest risk is a return-to-libc-style
> attack on Tor where attacker instructs Tor to make circuit to a node controlled
> by attacker, thus revealing IP.

So this is the part where you should realize how futile all of that pain of setting up policies is…


More information about the tor-talk mailing list