[liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
Nadim Kobeissi
nadim at nadim.cc
Wed Aug 7 03:04:52 PDT 2013
On 2013-08-07, at 12:58 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> Nadim Kobeissi:
>>
>> On 2013-08-07, at 12:44 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>>
>>> Bbrewer:
>>>> "We're understaffed, so we tend to pick the few things we might
>>>> accomplish and writing such advisory emails is weird unless there is an
>>>> exceptional event. Firefox bugs and corresponding updates are not
>>>> exceptional events. :("
>>>>
>>>> Pardon me,
>>>> But it does seem that this one was.
>>>>
>>>> No?
>>>
>>> Yeah, this was such a case - a month ago, we didn't know it was such a
>>> case - no one did, not even Mozilla.
>>
>> That's funny — didn't Mozilla issue a security advisory for it a month ago? That would imply that they actually did know that it was such a case.
>>
>
> The exploit is the exceptional event. Roger just covered this with
> exceptional clarity.
>
> Al - did Mozilla know it was being exploited in the wild, a month ago?
> Was there a known difference at the time between this bug and say, the
> others which were fixed in the ESR17 release cycle?
Does an exploit need to exist in the wild and be discovered first in order to warrant a security advisory? I didn't know this!
NK
>
> All the best,
> Jacob
>
> --
> Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
More information about the liberationtech
mailing list