Why the BEAST Doesn't Threaten Tor Users

    0
    42

    Earlier in the week, we posted news of a vulnerability discovered in virtually all websites secured with theoretically outdated (but widespread) versions of SSL and TLS encryption. Luckily for all non-nefarious users, this vulnerability (called BEAST, short for Browser Exploit Against SSL/TLS) was discovered and disclosed by researchers Thai Duong and Juliano Rizzo, and browser makers are pushing out changes to nullify it. Many systems, though, will remain unpatched for a long time. Nick Mathewson (nickm) of the Tor project has posted an explanation of why Tor traffic, as he understands the attack, remains safe. As a side benefit for those of us who aren’t security experts, his description explains in plain language just what the danger is.

    Read more of this story at Slashdot.


    More:
    Why the BEAST Doesn't Threaten Tor Users

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.