[tor-talk] FBI cracked Tor security

[Mirimir]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/13/2016 06:28 PM, Karsten N. wrote:
> 
> 
> Am 14.07.2016 um 02:02 schrieb Sci Fith:
>> Sources? Links? Otherwise why conjecture & possibilities?
> 
> 2013 FBI and Freedom Hosting: 
> http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/
> 
> 2015 FBI operation "Playpen" 
> https://motherboard.vice.com/read/the-fbis-unprecedented- 
> hacking-campaign-targeted-over-a-thousand-computers
> 
> In both cases, the FBI took over the Tor onion sites platform and
> deployed a network investigative technique on the Tor hidden 
> service sites - the agency's term for a hacking tool. That tool 
> used a vulnerability to circumvent the protections of the Tor 
> Browser Bundle, and then installed a trojan, which grabbed the 
> suspect's IP address and system information.

So this has been happening for at least three years. It's very likely
that Whonix isn't vulnerable, because browser and tor process are
isolated in separate VMs. And I've seen nothing about Whonix users
being pwned.

Why hasn't Tor Project recommended Whonix for those who need better
security than Tor browser can offer?

<SNIP>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJXhwcrAAoJEGINZVEXwuQ+o3YIAKABmzgjwcXF9/NUHJhChc5Q
GOKvD/m8X2qQQg5dPScA4+iPOkt+X66m8wqbRpVsoKLnKCgbEZ/HjOrcmXV3Swpm
EtmEgnWamIGf/odOnLKK0og88Fz+JYS1CvvNJLZcNsy9KHg1tEqDBF0wHYi4q0qW
0CsGHDCvzQAonIBzn1GSU+1F4zGIJNYuBARyD0kideoVqHRK6lniV9WJXU2b3xIf
LbwWwG5qTYd7RluND7j+TezgRlC9tVNo14+mP26KA8jbA13BOD0ZMEkTYyc+RQTq
9I0lmQggadXTGbelL/LbikM9JdFX+1YoaUS1xSFrw1C40zoLCQ7gLd0/f+LAp1c=
=V/5q
-----END PGP SIGNATURE-----