[liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
Al Billings
albill at openbuddha.com
Tue Aug 6 09:49:05 PDT 2013
Except this issue was a Firefox issue, fixed in ESR 17.0.7 and which we had posted an advisory for six weeks ago today. So, yes, you're asking Tor to copy and paste Firefox advisories. The issue wasn't a Tor-specific issue except that the way it was being spread targeted the TBB. It was a Firefox security issue, fixed in the last release. The people affected are those who hadn't gotten current.
Al
--
Al Billings
http://makehacklearn.org
On Tuesday, August 6, 2013 at 2:45 AM, Nadim Kobeissi wrote:
> > Nadim you seem confused by how this works. Tor doesn't need to issue advisories for Firefox issues. We, at Mozilla, already issue them. Perhaps they can link to them clearly but if you want to know about security issues Mozilla fixes in Firefox, you're best served by reading Mozilla advisories. There's not much point in duplicating them on a second site. Tor would be better served by writing advisories for its own, unique, security fixes.
>
>
> Tor doesn't need to issue advisories for Firefox issues. Tor needs to issue advisories for Tor Browser issues, and not five weeks later when s**t hits the fan.
> I really don't think one can reasonably disagree with the above statement. Tor Browser is a Firefox fork.
>
>
>
>
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130806/91dbfdce/attachment.html>
More information about the liberationtech
mailing list