Re: [Full-disclosure] Compromise of Tor, anonymizing networks/utilities

[coderman <coderman@xxxxxxxxx>]

On Dec 8, 2007 2:32 PM, Fetch, Brandon <bfetch@xxxxxxx> wrote:
> ...
> It's this lack of "last mile" security that some will suggest using an
> encrypted proxy but that still may not resolve the issue of the
> requested destination not supporting a secure connection.

Public wireless anyone?  None of the big sites are willing to invest
in your privacy.  at least with gmail i can filter http and stay on
https (yes, the cookie is still not secure only, *sigh*).

treat Tor like an anonymizing hot spot.  if you're worried about any
of the content being sent, make sure it is encrypted end to end.


> Hiding behind/through Tor and an encrypted proxy just puts more layers
> of obfuscation into the mix but still doesn't provide any more security.

Tor != transport privacy.  the sooner everyone realizes this the better...

[and the less we have to read about lame ass fame whores like Egerstad
pimping their dsniff stupidity.  the control port hack was much more
interesting...]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/