NSA ROOTKIT FROM THE TOR BROWSER INSTALL
If you type "apt-get install tor" on a Debian/Ubuntu computer, you get the 2.3 version.
NSA ROOTKIT FROM THE TOR BROWSER SOFTWARE
The reason software is out of date is because it takes a long time for repositories to be updated.
(By the way, I used my Ferret tool to generate this, typing "ferret suites -r ".) I don't know enough about Tor, but I suspect anything using DHE+3DES is likely more than 5 years old. Those selecting DHE+3DES are also really old I think. I show the raw data because I'm confused by the last entry, I'm not sure how the software might negotiate ECDHE+3DES, it seems like a lulz-worthy combination (not that it's insecure - just odd). The newer software chooses ECDHE, which are Elliptical-Curve keys. The older software negotiates "DHE", which are 1024 bit Diffie-Hellman keys. Only about 24% of incoming connections were using the newer software. This tells me whether they are using the newer or older software. Recently, I ran a "hostile" exit node and recorded the encryption negotiated by incoming connections (the external link encryption, not the internal circuits). Only 10% of the servers have upgraded to version 2.4. You can see this for yourself by going to a live listing of Tor servers, like. The older 2.3 versions of Tor uses keys the NSA can crack, but few have upgraded to the newer 2.4 version with better keys. The problem with Tor is that it still uses these 1024 bit keys for much of its crypto, particularly because most people are still using older versions of the software. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips. Assuming no "breakthroughs", the NSA can spend $1 billion on custom chips that can break such a key in a few hours. But everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys. After more revelations, and expert analysis, we still aren't precisely sure what crypto the NSA can break.
0 kommentar(er)
