On Sat, 21 Jan 2006, Chris Howie wrote: > Package: tor > Version: 0.1.0.16-1 > Severity: grave > Tags: security > Justification: user security hole > > Source: http://archives.seul.org/or/announce/Jan-2006/msg00001.html > > Basically an attacker who can run a fast Tor server can find the location of a > hidden service in a matter of hours, possibly even minutes. This is fixed in > 0.1.1.12-alpha, but as this is an alpha release it may contain other bugs.
So your options are - do not run a hidden service - wait for a few weeks or months until 0.1.1.x becomes stable and I upload it to sid - use 0.1.1.x now (from experimental or my backports archive http://wiki.noreply.org/noreply/TheOnionRouter/TorOnDebian Also, Tor continues to be as fine as ever for people who don't offer hidden services, so maybe grave is a bit strong. Cheers, Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
