[liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
Roger Dingledine
arma at mit.edu
Mon Aug 5 01:54:00 PDT 2013
On Mon, Aug 05, 2013 at 10:46:35AM +0200, Georg Koppen wrote:
> On 05.08.2013 10:15, Nadim Kobeissi wrote:
> > Now, we find out that the FBI has been sitting on an exploit since an unknown amount of time that can compromise the Tor Browser Bundle
>
> is that really so? See:
> https://blog.mozilla.org/security/2013/08/04/investigating-security-vulnerability-report/
> first comment.
Specifically, it would appear that the TBB updates we put out on
June 26 addressed this vulnerability:
https://blog.torproject.org/blog/new-tor-browser-bundles-and-tor-02414-alpha-packages
My preference here is increasingly that we should finish
https://trac.torproject.org/projects/tor/ticket/9387
and then make TBB 3.x the new default:
https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released
(Apparently this means breaking support for Win XP until somebody fixes
that:
https://trac.torproject.org/projects/tor/ticket/9084
But hey, there are worse things to do than that.)
--Roger
More information about the liberationtech
mailing list