back to article Tor fingers Firefox flaw for FAIL but FBI's also in the frame

Tor has confirmed the existence of malware that has taken down some of its hidden nodes - and says flaws in Firefox are at the heart of the problem. The network anonymising service yesterday noted the disappearance of some nodes on its network. The outfit hasn't offered any more insight into what's down, or exactly what brought …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Be careful what you ask for

Legal use is fine but piracy can cost you years in prison regardless of whom you blame for your bad choices.

0
6
Silver badge

Re: Be careful what you ask for

not if you can get Obama on your side.

9
1
Go

Why use Tor?

The main problem with Tor is that it transports you back to the days of dial-up. Yep, it's that slow. (Well, not quite -- it just seems that way.)

If you want both security and speed, then VPN is the only way to go. There are even free VPN services.

Setting up a PPTP VPN doesn't require that you download and install software. It works on Windows, Mac OS, Linux and Android.

0
6

Re: Why use Tor?

If you're after security and privacy, then you'd be an idiot to use a free VPN

14
0
Silver badge

Re: Why use Tor?

PPTP is not terribly secure and has no real defence (AFIK) against man-in-the-middle attacks.

OpenVPN is probably much better as it should be able to notify you of an SSH certificate change in such circumstances, though not all VPN suppliers support it so well.

Finally, any "free" VPN is not going to be very fast in general, someone has to pay for the bandwidth needed!

3
0
Silver badge
Pirate

Re: Why use Tor?

@Martin - >"There are even free VPN services."

What's on the other end of these amazing "free VPN services"? CIA servers, or Russian crime syndicate servers?

1
0

Criminal Activity

Hasn't the FBI just committed a crime?

2
0
Anonymous Coward

Re: Criminal Activity

Haha! Is that even possible anymore?

Man, I remember back when we had judicial oversight of the executive. Good times.

6
0
Trollface

Re: Criminal Activity

Don't worry, if by some tiny chance someone manages to get any hard evidence of a crime by an arm of the government, brings it to a Judge who still has some sense of ethics, and gets a conviction, el Pres will just issue pardons all round.

0
0
Silver badge
Coffee/keyboard

Re: Criminal Activity

@Jamie - >"Hasn't the FBI just committed a crime?"

Oh I get it - a joke! Very funny.

0
0

Articles should point out that the exploit in Firefox is Windows only. Not real computers.

Secure Windows is an oxymoron.

3
7
Bronze badge

Ha ha ha ....

.... real funny. No OS is secure, they all have flaws. So with super insecure Windows, why is OSX the first system breached at the pwn2own contest, purely on the OS flaws?

2
0

Re: Ha ha ha ....

> No OS is secure, they all have users.

There, fixed that for you.

0
0
Anonymous Coward

Re: Ha ha ha ....

And OS-X has over 2,000 known vulnerabilities - versus the worst ever Microsoft OS - Windows XP - on about 500...

nb - Linux holds the record with SUSE 10 on over 3,800 vulnerabilities....and well over 900 in the Linux kernel alone

0
2
Anonymous Coward

Re: Ha ha ha ....

Microsoft wrote 100% of the code for their OS. Whereas others use certain components from the public realm. Sure you can say that they decided to use it and they are ultimately responsible.

0
0
Anonymous Coward

It's daft to base a product that allegedly increases your browsing security on a browser product that is five versions out of date. What do you expect, Tor?

5
0

I thought the same, but maybe the Extended Support Release version was useful to them in some way.

0
0
Anonymous Coward

Re: five versions out of date

Or, maybe, the point of the Extended Support Release version is to keep an updated/patched firefox browser version compatible with older systems.

0
0
Anonymous Coward

Actually, the 'daft' part is having five versions in two months. If they slowed down to catch their breath, maybe some of these "issues" would get caught before release.

Of course, Mozilla is based in America. Could it be these 'flaws' are being placed there as the result of a FISA court order?

2
2
Anonymous Coward

Actually, the 'daft' part is having five versions in two months. If they slowed down to catch their breath, maybe some of these "issues" would get caught before release.

You do realise that those five versions are essentially minor releases? If they went back to the old numbering scheme (17.1, 17.2, 17.3, etc) you'd no doubt stop complaining.

1
0
Silver badge
Joke

17?

I think you mean 4.1, 4.11, 4.2, etc.

0
0

if you've ever used TOR for anything illegal

you're fucked.

1
1
Big Brother

Re: if you've ever used TOR for anything illegal

...or more specifically, if you've ever used the TOR Browser Bundle that uses Firefox 17 on Windows, had javascript enabled, used it during the period where the FBI had implemented the malware on some onion sites, were also doing things that were illegal (and those illegal things are the ones that the FBI are targeting) then you are fucked.

Note that if the intended targets are the peddlers and consumers of child exploitation material, then great, I'm all for it (though I wish they could employ different methods)!

0
0

Or, conversely, just hit that button that says "Enable Javascript"

And watch 99.9% of your browser-based security problems disappear, including FBI Javascript Malware.

Unless the attack method of what they set up is different than what I've seen reported..

1
0
Silver badge
Coat

Re: Or, conversely, just hit that button that says "Enable Javascript"

Why would enabling Javascript help?

0
0

Re: Or, conversely, just hit that button that says "Enable Javascript"

You're right. I should have said "uncheck the box labelled.."

0
0

Firefox 23

I just installed Firefox 23 this morning.

Dave

0
0
Silver badge
WTF?

Re: Firefox 23

It's interesting to see Firefox 23 no longer has the "disable javascript" option in preferences any more...

1
0
Anonymous Coward

It's going to be Operation Ore all over again...

0
0
This topic is closed for new posts.

Forums