[tor-bugs] #11521 [Tor]: Appears vulnerable to Heartbleed
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 14 23:48:31 UTC 2014
#11521: Appears vulnerable to Heartbleed
-------------------------------------------------+-------------------------
Reporter: Richard | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: tor-client, tbb-3.0, tbb-3.6, tbb- | Actual Points:
helpdesk-frequent, tbb-beta-2 | Points:
Parent ID: |
-------------------------------------------------+-------------------------
Reported as using TLS 1.0, according to this website:
https://www.howsmyssl.com/
All my browsers except TOR give reassuring results on this site.
Site reports that TOR's:
"SSL Client is Bad",
Version is TLS1.0 and is Very Old and possibly susceptible to the BEAST
attack.
Client supports cipher suites that are known to be INSECURE.
Perhaps there is some purposeful obfuscation going on, or it is referring
to the exit node - however the above site is consistent in its results.
Thanks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11521>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list