Silk Road forums
Discussion => Security => Topic started by: prefectKILL on May 03, 2012, 12:50 pm
-
Hey good people, just caught this, not sure if it has been reported here yet so ...
https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
Maybe someone more knowledgeable than myself can evaluate the security implications?
I don't think this reveals IP.
-
Maybe someone more knowledgeable than myself can evaluate the security implications?
I don't think this reveals IP.
A DNS lookup not sent through Tor will reveal your real IP address to the server you are trying to connect to. Timing attacks can then connect you doing the DNS lookup to you visiting the site over Tor. That said, this bug affects sites using websockets. I believe Silk Road users are safe, but I strongly recommend everyone to read the blog post and follow the instructions there to apply the temporary fix.
-
Damn, someone beat me to it, didn't see this thread! Good looking.