[tor-talk] Cancelled black hat talk
Nusenu
BM-2D8wMEVgGVY76je1WXNPfo8SrpZt5yGHES at bitmessage.ch
Wed Jul 30 22:05:20 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
>> I think I have a handle on what they did, and how to fix it.
>> We've been trying to find delicate ways to explain that we think
>> we know what they did, but also it sure would have been smoother
>> if they'd opted to tell us everything. The main reason for trying
>> to be delicate is that I don't want to discourage future
>> researchers from telling us about neat things that they find. I'm
>> currently waiting for them to answer their mail so I can
>> proceed.
>
> I have timed out on them and put out two new releases plus a
> security advisory:
> https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
thanks!
Surprised
>
to see the fix of a bug that was worth a tor security
advisory to be in the "Minor bugfixes" section of the changelog.
> o Minor bugfixes: - Warn and drop the circuit if we receive an
> inbound 'relay early' cell. Those used to be normal to receive on
> hidden service circuits due to bug 1038, but the buggy Tor versions
> are long gone from the network so we can afford to resume watching
> for them. Resolves the rest of bug 1038; bugfix on 0.2.1.19.
So I guess "Minor bugfixes" can have quiet an impact as well then.
Will watch 'minor bugfixes' closer in the future ;)
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJT2WwgAAoJEDcK3SCCSvoeTBcP/0//HDaNIhgI7j5K4eIU1Ae8
Pbxx9YJL8NqPv65nI6qRBWOIYTp7nfXYMdOt+yvRN80B/UI1QC8UGx96CKInkDj1
SIPt3BAo+AUTlI4PN2HXxkSaw66Rz9fKNaQsLNit1vlfNuI5VO7SL3mQqmoxOfw4
sUdG1ne6UlmEQNJkoVu7OBlq9+DcjTVy2Hj175Q+wcKZ87jZpX6teVhl/gzm0hfU
FYOr9vlMYSwa8rYYrwTEvOinW55yhsazLKyV1Eq/qZM3QWIK1hiN9LhR6xmlirCy
Ewl/rZckNvvvB08l/EnifE4nJKwTew047cvCSJh9DBQ7/7BoHnlkNz26gB27JLxi
ooz69uilyuY207+3TJpSn2KfEAUyQHG/C81ZPvOX+It7LIuumpfRW22Pr73yHRrZ
uzQ10NB7p7VCWZIgGCV5PLRBchk1O/5CIJpsEpKmx/772IUUTMqNlLMYmBekCJiO
CCxAi3BgqHsHo0g72J7yoq6hs2hr9dMA7ScmniTH+SqKux5hxdpCl7pM4JE8JNS9
K8R3wVU7Z/xEPqxq9dZyTuat2ASDhKrUP0dq2iNYXWlSOGzj7wOzH2xjkQkgbhSl
gJ2QIzYYgrsC0K/UWvWaRBe4S3Ljki40Hhh4SaoPLzSQ0LILD7tEAS5eS03GM58p
oKHbtKQwdQ/q8YY4v+Pd
=yVXu
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list