Two Tor zero-days disclosed, more to come

-First zero-day can identify direct connections to Tor
-Second zero-day can identify indirect connections (users connecting through Tor guards)
-Both issues can be used to completely shut out users from Tor

https://www.zdnet.com/article/two-tor-zero-days-disclosed-more-to-come/
The two zero-days are part of a five-part blog series from @hackerfactor, who intends to publish three more zero-days, including one that deanonymizes Tor services by revealing the server's real IP address
Dr. Krawetz says all of this stems from the Tor Project ignoring security issues that have been reported over the past few years, promising patches but not actually delivering.

See here: https://twitter.com/hackerfactor/status/1268522494211678208

The Tor Project did not respond to a request for comment.
You can follow @campuscodi.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.