I did a quick search and found a similar report from August 2013 https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released
Check the latest comment Cheerz http://apx808.blogspot.com On Mon, Aug 25, 2014 at 3:22 PM, < bm-2cvvnfwsftfx8dv12l8z8pjejmtrjyj...@bitmessage.ch> wrote: > Hi, > > I will answer messages sent by different list members. Check for yours: > > > > > > Joe Btfsplk wrote: > > Or, this could be a hoax by the OP, or a simple mistake. > > This is not a hoax and is not a mistake. > > > > > > > > Mirimir wrote: > > Maybe Zemana is incorrectly flagging some aspect of HTML5 canvas > > spoofing by the Tor browser as taking a screen snapshot". > > The incident happend at different web pages that had been accessed before > many times without any incident. > > The Zemana is the same version I am running since December 2013, i.e., it > is running for around 8 months without any incident. > > > > > > > Sebastian G. wrote: > > Was it a website you trusted you browsed to? Did the software attempt to > > do anything without a website loaded? > > Ar regular sites at the surface web that is accessed by many TOR users. > Sorry, I can not provide more specific information that may facilitate my > identification. > > > > > Sebastian G. wrote: > > Looks, like the website(s) did something. > > Maybe trying to access canvas, what the TorBrowser tried to prevent. > > Maybe this triggered the alert. > > Again... I am using the same Zemana version for around 8 months without > any incident and acessing the same web sites. > So it is not a canvas access problem. > I will be very surprice if any web site is capable to generate such alert, > especially without to be able to run any script. > > > > > > > >> I am sending some screens with the Zemana log, where is possible to see > >> the TOR MD5 signature (firefox.exe; FC19E4AFB0E68BD4D25745A57AE14047) > and > >> the logged behaviour ("screenlogger"), the TOR version, > >> TOR button and the > >> Zemana version screens, and the extensions > >> and plug-ins existing in my TOR > >> install (just to confirm that nothing strange is there). They are > >> available to download here: > >> http://www.datafilehost.com/d/dfb201d8 > >> or > >> https://www.sendspace.com/file/6ygdl3 > > > Both of the files are broken or corrupted. They can't be opened as an > > archive on my end. The first source tries to make one download an .exe > > file. Well you can download the zip file, without it. > > > How can we be sure that your upload is safe? > > > If both links are broken this means that somebody is doing a big effort to > prevent the file access. > > The reason I uploaded to hosts is because the Tor Project team blocked my > attempt to send as attachment to this list. > By this you may also understand that the Tor Project team was aware about > my report two days in advance than the list members. > > The uploaded file is a ZIP with a number of JPG images inside. As far as I > know both file types are safe. > > I did a new upload to a popular JPG hosting service. Here they are: > http://i.imgur.com/QAKp7k1.jpg (Zemana log) > http://i.imgur.com/nJkCQJp.jpg (Zemana version) > http://i.imgur.com/06ZW0IK.jpg > http://i.imgur.com/XsbpQ4X.jpg > http://i.imgur.com/eikxgpe.jpg > http://i.imgur.com/jWjAq5N.jpg > http://i.imgur.com/iuqltM0.jpg > http://i.imgur.com/01cuLYd.jpg > http://i.imgur.com/ijnZwGs.jpg > > > > > > > > > Sebastian G. wrote: > > The remote operator claim would require evidence of some sort. > > My report with detailed information including the Zemana log showing that > firefox.exe tried to record my screen seems to be a very good evidence. > What more one may provide? Is somebody expecting a NSA or Tor Project > written confirmation? > > > > > > > Sebastian G. wrote: > >> This may explain also the, until now, unclear role and objectives of the > >> US goverment by funding the TOR Project. > > > I think they use Tor for many purposes themselves. > > Why will USA fund the development of a tool that can be used by its > enemies? > You may have a doubt about the Tor backdoor. I don't. > > What we have here is very simple: who pays gives the orders! > > > > > > > > > Sebastian G. wrote: > >> I am an entusiast of privacy tools and TOR is not used for any kind of > >> unlawful purposes, is unlikely that I will attract attention from public > >> authorities and I am not worried with any data such attacker eventually > >> may have had access. > > > If someone would exploit against the TorBrowser he might be trying to > > get as many hits as possible to see if someone is a target. > > > I guess inside the rerouting net is a kind of automatic tool to spy Tor > users and, in addition, the (humans) operators my pick users at will for > additional checks. Just my guess. > > > > > > > > Sebastian G. wrote: > > I hope this can be resolved. > > The Tor Project team is already working to resolve... keeping total > silence until everybody forgets my report with, for me a PROOF, for > everybody else an EVIDENCE, that TOR was spotted in flagrant while trying > to record my screen. > > > > > > > > > > no.thing_to-h...@cryptopathie.eu wrote: > > I did not touch the files, because the whole story made me > > mistrustful. When you look at some subjects of yesterday > > "Third-parties tracking me on Tor" > > "TOR tried to take a snapshot of my screen" > > Perhaps somebody is trolling this list and tries to seed confusion. > > > > I am not connected with the message with subject "Third-parties tracking > me on Tor". > I paid attention on it too. Strange to have an ambiguous message send to > the list exactly one day after my first try (blocked by Tor Project team) > to report to this list. > > I am not trolling this list. > I am providing serious information. > > > > > > > > AntiTree wrote: > > I don't know the anti-spyware tool that you used nor > > details about what the > > tool deems a "screenshot" but I want to point out that in Windows > > (especially older versions) one of the entropy sources for OpenSSL is the > > screenshot of your current session[1]. So if the Tor Browser needs to > > generate keys (and it usually does in your use case) it is possible that > > the crypto functions are calling whatever "rand" sources are available on > > your system, including first taking a screenshot of your session. > > Do not seems that is the case otherwise the Zemana alert would be > generated on regular basis. > > > > > > > > > Michael Wolf wrote: > > "NSA and GCHQ agents 'leak Tor bugs', alleges developer" > > http://www.bbc.com/news/technology-28886462 > > Oh yes, we will see many "news and leaks" reporting the "efforts" of NSA > and GCHQ to break TOR and bla-bla-bla. > Just desinformation to keeps the TOR credibility. > > While may (or may not) provide some protection against USA enemies, TOR > provides NO PROTECTION against USA and friends. > TOR is a spy tool to spy on YOU! > > > > Hope more users will start to use Zemana and other anti-spyware and more > reports about this problem arrives. > > > > > > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
