[tor-talk] TOR bundle on hostile platforms: why?
Martijn Grooten
tor at lapsedordinary.net
Wed Aug 7 23:36:38 UTC 2013
On Wed, 7 Aug 2013, Ivan Zaigralin wrote:
> What I am talking about is a trivial attack, technically trivial. The feds
> (at least in US and in Russia) have a complete list of unpatched Windows
> vulnerabilities. They also have crackers on staff.
They don't have "a complete list", but they have many of such
vulnerabilities, we can be certain of that.
It is also likely that they have vulnerabilities in any other operating
system. And in Tor implementations. And it is good to assume they have
enough 'crackers' on staff that will be able to exploit such
vulnerabilities.
Depending on why someone uses Tor, this may or may not be an issue. If you
use Tor to do research into cybercrime, or to access your organisation's
mail server while on a secret mission, it may not matter very much.
In other cases it may be a reason not to use the Internet at all. Or to
make an informed choice about how you can use Tor while minimising the
attack vector.
YMMV.
Martijn.
More information about the tor-talk
mailing list