This is very interesting: http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity
Looks like it's not an attack on Tor itself, rather they identify Tor users (which Tor isn't designed to prevent AFAIK), and then do a MITM on the connection between Tor and the web to insert some code that exploits a vulnerability that (until recently) was distributed as part of the Tor bundle. Seem like, even though this Firefox vulnerability has been fixed, that they probably have a library of other ones to choose from. Ian. -- Ian Clarke Founder, The Freenet Project Email: [email protected] _______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
