Its not tor itself that was compromised but the version of Firefox bundled with the Tor browser bundle. They used a 0day to install a tracking cookie in FF. Van: Djones Boni Verzonden: dinsdag 29 oktober 2013 11:09 Aan: debian-security@lists.debian.org On 29-10-2013 07:29, Nikolay Kubarelov
wrote:
I would use Tor hidden service instead of SSL. Tor is too slow and you must install additional software. A better idea is offer both SSL and a Tor Hidden Service. You choose which use. Do not forget Tor encryption is not considered secure anymore. On 29-10-2013 07:52, Tormen wrote:
And then again: http://yro.slashdot.org/story/13/08/04/2054208/half-of-tor-sites-compromised-including-tormail ^^ Half of Tor Hidden Services are compromised. So Debian THS will be also compromised. I cannot see your point. |