Silk Road forums
Discussion => Security => Topic started by: methology on May 30, 2012, 08:15 pm
-
Should I be worried that Tor project updates TorBrowser every few weeks? Should I sweat that LE has coerced Tor Project to include malware within the TorBrowser itself. Each time a security update is made available, I worry that, if they can't pick the locks they might just pick the whole building up and look inside. If I were trying to take down SR, that's what I would do. And I would attempt to get malware into BitCoin wallets as well.
Again, I realize I am small potatoes to LE and it's unlikely that I would get hit but SR is big enough to get their attention.
Also, I just read about Flame. Seems Big Brother is here or at least very near.
http://venturebeat.com/2012/05/28/flame-stuxnet/
-
^This guy paranoid much.."coerced"....TOR is philosophically against government censorship; just remember TOR doesn't just support kids who wanna score drugs. The TOR project is also being used by NGO's in foreign countries, opposition political parties in Libya/Iran and the US government's own spies in Afghanistan just to name a few.
I can't see the TOR project keeling over to government interests and installing spyware just because of SR, just yet.....The TOR project is more than just about CP and buying afghan heroin.
Anyway the relays are dispersed and run by volunteers, FBI gonna find it hard to play "Gotta catch em' all".
-
Again, I realize I am small potatoes to LE
On the plus side I am sure you can count to potato! :-D
Sorry, sorry I'm being mean as usual. No, the Tor Browser is open source, if there were malware in it we'd have spotted it very quickly.
This doesn't mean to say there aren't vulnerabilities in Tor such as fingerprints left by cookies which reveal your browsing activity but the community is naturally very motivated about getting them fixed!
V.
-
Plus it's open source. Not that anyone really takes the time to comb through all the source code, but if there was something that LE had intentionally put in there, it's there for everyone to see. Malware introduced intentionally into open source projects tends to get caught pretty quick, especially if they have a good checkout/check in system.
-
Exactly, "caught pretty quick." I don't think Tor would imbed malware knowingly, but I can see where infiltration could get something into a build and it could reeside there just long enough to expose something. I am a software developer and I've left many benign Easter-eggs in software I've built for large corporations. Getting to SR could easily be through the obvious. As I said, I would fuck with Tor and BitCoin covertly.
HAL5000, nice ass!
-
the war for freedom is always fought in the terror and solitary of a jail sell.
-
Again, I realize I am small potatoes to LE
On the plus side I am sure you can count to potato! :-D
Sorry, sorry I'm being mean as usual. No, the Tor Browser is open source, if there were malware in it we'd have spotted it very quickly.
This doesn't mean to say there aren't vulnerabilities in Tor such as fingerprints left by cookies which reveal your browsing activity but the community is naturally very motivated about getting them fixed!
V.
I hear this applies only to the Tor Button not the browser.
Should I be worried that Tor project updates TorBrowser every few weeks? Should I sweat that LE has coerced Tor Project to include malware within the TorBrowser itself. Each time a security update is made available, I worry that, if they can't pick the locks they might just pick the whole building up and look inside. If I were trying to take down SR, that's what I would do. And I would attempt to get malware into BitCoin wallets as well.
Again, I realize I am small potatoes to LE and it's unlikely that I would get hit but SR is big enough to get their attention.
Also, I just read about Flame. Seems Big Brother is here or at least very near.
http://venturebeat.com/2012/05/28/flame-stuxnet/
The updates if i'm not mistaken are security patches. Just redownload from the Torproject sites and not the hyperlink if your worried.