[tor-talk] Tor compromised?

andrew at torproject.org andrew at torproject.org
Thu Oct 13 12:59:35 UTC 2011


On Thu, Oct 13, 2011 at 11:30:15AM +0200, g.lo.subber at gmail.com wrote 0.4K bytes in 7 lines about:
: French students were able to exploit a vulnerability in Tor network
: Details here (french):
: http://www.itespresso.fr/securite-it-la-confiance-dans-le-reseau-d-anonymisation-tor-est-ebranlee-47287.html/2

There isn't much to say here. Eric has refused to talk to us in any
responsible manner.  This article is full of hyperbole, but short on
facts. We are in the dark as much as everyone else.

According to this article, my poor comprehension of french coupled with
google translate, it sounds like they wrote malware to watch the ram
in a MS Windows relay and exploit MS Windows weaknesses to read some
crypto keys. If true, this sounds like a better exploit on MS Windows
than on Tor. Tor has to run inside an operating system, and if that
operating system is compromised then everything that runs inside it will
be compromised as well.

However, once we have some facts and details, we can respond with real
answers, not conjecture.

-- 
Andrew
pgp key: 0x74ED336B


More information about the tor-talk mailing list