[tor-talk] Hidden service honeypot
grarpamp
grarpamp at gmail.com
Tue Jun 23 03:56:44 UTC 2015
On Mon, Jun 22, 2015 at 6:36 PM, <bidet at ruggedinbox.com> wrote:
> The landing page includes some javascript that looks shady.
> ...
> I'm interested in knowing how this affects the tor browser and tails, and
> could this technique be used in other scenarios by different adversaries.
If one thinks that TBB and VM is all that is needed to protect oneself
from random driveby 0day exploits, you need to think again. The
minimum is independant routing into tor via external device. And
even that assumes tor and the device and its stack aren't breakable
or broken. Layer defences, do not use just one.
More information about the tor-talk
mailing list