HomeLogin

Linux Bug Compromises Tor Browser Bundle Users, Makes List Of All Sites The User Has Visited

10 April, 2012 at 9:23 am by anonymous!
2009-tor-logoGuest post from tip, source of tip, pastebin source: Anon exposes concerns about the security of Tor, and points us towards email exchanges concerning a Linux bug which log things like domain names to a file in the root of the browser bundle." This will effectively provide a road map of the sites the unsuspecting Tor user has visited. #################################################################### Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug" *** NEVER FORGET *** ####################################################################
  • http://seclists.org/bugtraq/2012/Mar/85
  • http://www.securityfocus.com/archive/1/522003/30/0/threaded
#################################################################### "There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle start-tor-browser script. It will log things like domain names to a file in the root of the browser bundle." https://trac.torproject.org/projects/tor/ticket/5417 Ticket #5417 (new defect) RelativeLink.sh in Tor browser bundle has small typo causing debug mode to be always turned on: Reported by: cypherpunks Priority: critical Component: Tor bundles/installation Description TBB starts in debug mode disregardless ...
Read the rest of this entry »

Obfsproxy Tor Browser Bundle to Defeat Great Firewall Of China

11 April, 2012 at 7:50 pm by anonymous!
obfsproxy_diagramChina is currently doing a very good job of blocking the Tor Onion Router software from working within the middle kingdom. We previously announced that the Tor project are working on a way to strike back and make the Chinese officials loose massive amounts of face back in January. These behind the scenes efforts are bearing fruits.

Chinese officials are about to loose massive amounts of face

Our sources inside #tordev on IRC reveal that Tor developer Sebastian Hahn is close to producing a Tor Browser Bundle which includes the obfsproxy software. Our sources also reveal that this version will probably not contain the included-in-every-version (except the latest) TBB "bug"door which tracks all sites visited while supposedly browsing anonymously using Tor. There is no exact time-frame for the release of this ...
Read the rest of this entry »

Guest Post: “The Ultimate Guide for Anonymous and Secure Internet Usage”

11 April, 2012 at 7:29 pm by anonymous!
another fine guest post by some random pastebin-using entity on the internet(s): This is a guide with which even a total noob can get high class security for his system and complete anonymity online. But its not only for noobs, it contains a lot of tips most people will find pretty helpfull. It is explained so detailed even the biggest noobs can do it^^ :

The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1

Table of Contents: 1. Obtaining Tor Browser 2. Using and Testing Tor Browser for the first time 3. Securing Your Hard Drive 4. Setting up TrueCrypt, Encrypted Hidden Volumes 5. Testing TrueCrypt Volumes 6. Securing your Hard Disk 7. Temporarily Securing Your Disk, Shredding Free Space 8. Installing VirtualBox 9. Installing a Firewall 10. Firewall Configuration 11. Installing Ubuntu 12. Ubuntu Initial Setup 13. Installing Guest Additions 14. Installing IRC (Optional) 15. Installing Torchat ...
Read the rest of this entry »


Google hates Tor-users: GSearch to the rescue

4 April, 2012 at 6:40 pm by anonymous!
gsearchGoogle has made it really hard to use their service lately. Alternatives like startpage, duckducktogo and even Bing are becoming increasingly popular among Tor and non-Tor users due to the changes Google have made the last few months. A new location hidden service called GSearch Lite - Google Anonymously has appeared to make life simpler for Google-loving Tor-users. It lets you search Google without them tracking you. Check it out over at tgylx7tvwoxotutl.onion:88/gsearch/
Read the rest of this entry »

Guest post: Awareness for identity correlation through circuit sharing is almost zero.

13 March, 2012 at 1:44 pm by anonymous!
onionThe users awareness for identity correlation through circuit sharing is almost zero. There should be more clear warnings about it on torproject.org. People are frequently told to extensively use Google. They do so and will be affected. If you google the term you will see that it has been recommended all the time. The version spread at this time was version 423 or below . It didn't contain any warning that it's for advanced users only and no sentence about identity correlation through circuit sharing. There are so many instructions, howtos and blog posts. Everyone suggest to point all applications they want to torify to 127.0.0.1:9050. Originally a Tor developer brought this to my attention. Also tails, which is listed on torproject.org, uses only one SocksPort ...
Read the rest of this entry »


Tor Onion Router blocked by China – again. Torproject to defeat Chinas DPI-based block soon

7 January, 2012 at 9:03 pm by anonymous!
networkThe Tor Onion Router privacy software is currently blocked by the Great Firewall of China. Investigation done by the Torproject indicates that China is using deep packet inspection to enumerate Tor connections going to and from the country using Tors own cipher list (bug #4744). This inspection reveals both bridge and router connections. China then makes a follow-up connection to bridges when they are detected to determine that they actually are bridges. Tor bridges are blocked immediately after this test. Roger Dingledine and Jacob Appelbaum gave some details on this at 28c3. The number of direct Tor users in China flat-lined long ago. The number of bridge users in China is currently dropping dramatically as seen on this graph:...
Read the rest of this entry »

livelyblog.com | Random blog | Login | Get your own blog | ^^^
anonymous.livelyblog.com/Login