[tor-talk] Cancelled black hat talk
BM-2D8wMEVgGVY76je1WXNPfo8SrpZt5yGHES at bitmessage.ch
Wed Jul 30 22:56:58 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
> On Wed, Jul 30, 2014 at 10:05:20PM +0000, Nusenu wrote:
>> Surprised to see the fix of a bug that was worth a tor security
>> advisory to be in the "Minor bugfixes" section of the changelog.
> The security advisory was that somebody had attacked real Tor users
> and perhaps deanonymized some of them, and here's what we know.
> The particular traffic confirmation channel they used wasn't a big
> deal. (Or said another way, fixing it doesn't make a big impact on
> whether this sort of attack is possible.)
Thanks for your quick clarification.
If I understand you correctly that means we should assume this type of
attack to be "easy" and this fix merely closes one of many easy ways
to exploit traffic confirmation?
So I guess one of the best bets we have is better response to doctor
reports? (aka better detection)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-talk