Author Topic: tor - Security issue discovered in TOR client - Update request (Read 3040 times)

netnomad · « **on:** November 09, 2012, 12:21:05 PM »

hi gutmensch, hi batnas,

a security issue is discovered in TOR client.
please consider an update:

http://www.h-online.com/open/news/item/Security-issue-discovered-in-TOR-client-Update-1746884.html

btw there is a further bug:
Nov 10 10:29:09.690 [notice] Tor v0.2.2.36 (git-c1414cf70cbfcbb7). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
Nov 10 10:29:09.693 [notice] Initialized libevent version 2.0.10-stable using method epoll. Good.
Nov 10 10:29:09.693 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 10 10:29:09.693 [warn] Couldn't open file for 'Log notice file /var/log/tor/tor.log': No such file or directory
Nov 10 10:29:09.694 [notice] Closing partially-constructed listener Socks listener on 127.0.0.1:9050
Nov 10 10:29:09.694 [warn] Failed to parse/validate config: Failed to init Log options. See logs for details.
Nov 10 10:29:09.694 [err] Reading config failed--see warnings above.

i have to create the dir /var/log/tor and then
chown tor.log tc:staff
to solve this problem...

thank you for your help.

netnomad · « **Reply #1 on:** November 12, 2012, 02:29:35 PM »

hi friends,

are there no tor users with interest in security out there?

i guess packages like ssl, ssh and tor should be in a unsecure state as short-time as possible.

thank you for all your contributions.

solorin · « **Reply #2 on:** November 12, 2012, 09:25:00 PM »

http://www.viva64.com/en/b/0178/

IANAE, but from the original posting, it seemed like it was an issue with Microsoft compilers.

If you are really concerned, why don't you submit an update?

cheerio,
solorin

gutmensch · « **Reply #3 on:** November 17, 2012, 05:32:13 AM »

heyho, first of all I always recommend reading the info file. The maintainer often intends to say something there. ;-)

Quote

Comments: Edit /usr/local/etc/tor/torrc to your needs and add to backup.

Usage:
Activate tor through Cpanel => Services.
Or:
/usr/local/etc/init.d/tor start
/usr/local/etc/init.d/tor stop

If you want to run it by other means then you will have to setup this yourself, absolutely correct. The log file properties are properly set through the init script, try to use this one instead of calling the tor daemon yourself.
@Update: I'll submit an update, no problem :-)

[edit]
Update online!
[/edit]

solorin · « **Reply #4 on:** November 19, 2012, 08:44:54 AM »

thanks, good man.

solorin · « **Reply #5 on:** November 19, 2012, 08:52:28 AM »

and please forgive me netnomad if my reply sounded a little harsh.
thanks for your concern for everyone's security and privacy.

Tiny Core Linux

News:

Author Topic: tor - Security issue discovered in TOR client - Update request (Read 3040 times)

netnomad

tor - Security issue discovered in TOR client - Update request

netnomad

Re: tor - Security issue discovered in TOR client - Update request

solorin

Re: tor - Security issue discovered in TOR client - Update request

gutmensch

Re: tor - Security issue discovered in TOR client - Update request

solorin

Re: tor - Security issue discovered in TOR client - Update request

solorin

Re: tor - Security issue discovered in TOR client - Update request