Interesting that there is no mention of timing attacks... You would think with the amount of monitoring they are doing that it would be fairly simple to correlate traffic being sent to tor nodes with traffic leaving exit nodes.
On Fri, Oct 4, 2013 at 1:34 PM, Ian Clarke <[email protected]> wrote: > This is very interesting: > > > http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity > > Looks like it's not an attack on Tor itself, rather they identify Tor users > (which Tor isn't designed to prevent AFAIK), and then do a MITM on the > connection between Tor and the web to insert some code that exploits a > vulnerability that (until recently) was distributed as part of the Tor > bundle. > > Seem like, even though this Firefox vulnerability has been fixed, that they > probably have a library of other ones to choose from. > > Ian. > > -- > Ian Clarke > Founder, The Freenet Project > Email: [email protected] > _______________________________________________ > Devl mailing list > [email protected] > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > _______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
