Update: TOR Recommends Dropping Windows, Turning Off JavaScript After Breach

The breach of The Onion Router (TOR) network that was reported on yesterday has resulted in a critical security announcement from TOR Project.  The announcement, which can be found at: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html suggests that only Microsoft Windows systems using the TOR Browsing Bundle seem to have been targeted.  Apparently even though the exploit is cross platform, it only works on Windows based systems.  Further analysis of the exploit code suggests that it was designed to target specifically Windows based TOR users.

Security researcher Vlad Tsyrklevich has posted a more through analysis of TOR exploit on his web site at http://tsyrklevich.net/tbb_payload.txt.

Yet another reason why you should consider switching to a Linux or Unix based system…

Post by Protocol 46