[tor-relays] new relay package for Ubuntu 16.04+

teor teor2345 at gmail.com
Wed Aug 31 05:30:08 UTC 2016


> On 31 Aug 2016, at 15:20, Chad MILLER <chad at cornsilk.net> wrote:
> 
> But it can never look in your ~/.gnupg/ dir or grab your scanner or wipe your yubikey or turn on your camera or whatever, as another program, rogue or compromised, could do. None of that even seems to exist.

If it shares physical RAM with other processes or VMs, it can modify their RAM, under certain conditions:

https://www.schneier.com/blog/archives/2016/08/powerful_bit-fl.html

Unfortunately, VMs and similar isolation techniques aren't great at preventing hardware-based side-channels.

But in most cases, for most threat models, yes, it's quite secure.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org






-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160831/83859038/attachment.sig>


More information about the tor-relays mailing list