Why the BEAST Doesn't Threaten Tor Users


    Earlier in the week, we posted news of a vulnerability discovered in virtually all websites secured with theoretically outdated (but widespread) versions of SSL and TLS encryption. Luckily for all non-nefarious users, this vulnerability (called BEAST, short for Browser Exploit Against SSL/TLS) was discovered and disclosed by researchers Thai Duong and Juliano Rizzo, and browser makers are pushing out changes to nullify it. Many systems, though, will remain unpatched for a long time. Nick Mathewson (nickm) of the Tor project has posted an explanation of why Tor traffic, as he understands the attack, remains safe. As a side benefit for those of us who aren’t security experts, his description explains in plain language just what the danger is.

    Read more of this story at Slashdot.

    Why the BEAST Doesn't Threaten Tor Users


    Please enter your comment!
    Please enter your name here


    This site uses Akismet to reduce spam. Learn how your comment data is processed.