ATTENTION MARKETS: Update Your Tor to 0.3.1.8

There is a timing based assertion failure caused by the out of memory handler output buffer Tor Ticket Tor Announce. By introducing a flood of circuits an attacker can overload the memory of the relay causing it to start killing circuits. In the most extreme cases it can kill all circuits on the relay. If this happens on every introduction point for an onion service it would make the service inaccessible until a broadcast with new introduction points are uploaded or until the memory of the selected introduction points are restored.

If you have not setup the Tor Package Repository now would be a great time to do that. The latest Tor hasn't yet been push to the repository but it should be there soon.


Comments


[10 Points] dnmthrowawayobvious:

ELI18 I am not a tor expert nor am i retarded but is this what could have been causing markets to be taken down by DDOS lately?


[2 Points] micloo:

So we have answear who or what standing behaind this problem what we calss Ddos attack


[1 Points] BareBliFerdig:

Thats what i have been saying all this time. LE probably knew about this and implemented a sniper attack (i wrote about this in the past). Which is how they have identified so many markets lately :/


[-2 Points] EatAssOnSecondDate:

Feds want u to conform to their new update please. Thanks