Linux vulnerability leaves top sites wide open to attackers (TOR TOO!).

https://www.rt.com/usa/355558-linux-vulnerability-websites-attacks/

A flaw in the Linux operating system lets hackers inject malware into downloads and expose the identities of people using anonymizing software such as Tor - even for those who aren't using Linux directly.

In a Wednesday presentation at the USENIX Security Symposium in Austin, Texas, researchers with the University of California, Riverside showed that the flaw lies in the Transmission Control Protocol (TCP) used by Linux since late 2012.


Comments


[1 Points] elfer90:

use UDP ;)


[1 Points] Kazaa99:

Tor is set to use https on everything by default right?

Its worth noticing: "For encrypted HTTPS or SSH transmissions the worst that can be done is to break the connection"

and then there is the requirement to DDoS the TOR network to make users connect to nodes in your control, so its not a new method, except the found a bug that makes it possible to break a connection when knowing source and destination IP. (But could be a fun time for trolls to just start killing connections perhaps)