Advisory: remote DoS when using Tor with recent OpenSSL versions built with the "no-ssl3" option This is a copy of the message Nick Mathewson sent to the tor-talk &
New SSLv3 attack found: Disable SSLv3 in TorBrowser Hi! It's a new month, so that means there's a new attack on TLS. 17 comments
What the "Spoiled Onions" paper means for Tor users Together with Stefan, I recently published the paper "Spoiled Onions: Exposing Malicious Tor Exit Relays". 37 comments
Tor and the BEAST SSL attack Today, Juliano Rizzo and Thai Duong presented a new attack on TLS <= 1.0 at the Ekoparty security conference in Buenos Aires. 36 comments
The MD5 certificate collision attack, and what it means for Tor Today, a team of security researchers and cryptographers gave a talk at the 25th Chaos Communication Congress (25C3), about a 7 comments