[tor-talk] 100-Foot Overview on Tor
Tom Ritter
tom at ritter.vg
Tue May 5 23:49:39 UTC 2015
On 5 May 2015 at 07:53, Fabian Keil <freebsd-listen at fabiankeil.de> wrote:
> Great.
>
> A couple of comments (about v1.3):
Thanks! I made the changes and put up a 1.4
> Page 141 and 142 seem to suggest that parsing strings is more
> likely to be vulnerable than parsing binary data. Is that intended?
No but mostly yes. It's more a surprise factor: when I tell people tor
uses HTTP to upload and download things, they're not surprised - when
I tell them it has its own HTTP server implementation that does all
the parsing of the requests, they're much more surprised. I'm not
saying tor's code is insecure (I put up a $bounty inside my company
with my own money to anyone who finds a bug in it actually) - but
implementing your own HTTP server is not a recommended action. :)
> Is the source of the PDF available under a free license?
>
> I'm currently preparing a (German) presentation about location
> hidden block storage and could reuse the HS-related parts:
> http://chaos.cologne/Fahrplan/events/6653.html
It's (now) http://creativecommons.org/licenses/by-sa/4.0/
As far as the sources.... well, I made it in keynote. Yes, I know I'm
a bad person. I can export it as powerpoint, html, images, or pdf and
send you any one of those five. (Or all of them.)
-tom
More information about the tor-talk
mailing list