[tor-talk] Indirect Tor question

Praedor Atrebates praedor at yahoo.com
Mon Sep 9 13:00:43 UTC 2013

In light of the recent revelations of how the NSA has broken commercial
software all over the place, I wonder about the security of Oracle's
VirtualBox VM software used by Whonix (and other?) tor-based anonymity
systems.  A large portion of VirtualBox is open source but some
libraries used are of different licenses...so perhaps somewhere in those
non-opensource libs lay an NSA backdoor?

I'm wondering about any and all similar tor-based systems wherein there
is ANY portion that is not opensource.

More information about the tor-talk mailing list