ssl | Tor Blog

Advisory: remote DoS when using Tor with recent OpenSSL versions built with the "no-ssl3" option

This is a copy of the message Nick Mathewson sent to the tor-talk &

New SSLv3 attack found: Disable SSLv3 in TorBrowser

Hi! It's a new month, so that means there's a new attack on TLS.

17 comments

What the "Spoiled Onions" paper means for Tor users

Together with Stefan, I recently published the paper "Spoiled Onions: Exposing Malicious Tor Exit Relays".

37 comments

Tor and the BEAST SSL attack

Today, Juliano Rizzo and Thai Duong presented a new attack on TLS <= 1.0 at the Ekoparty security conference in Buenos Aires.

36 comments

The MD5 certificate collision attack, and what it means for Tor

Today, a team of security researchers and cryptographers gave a talk at the 25th Chaos Communication Congress (25C3), about a

7 comments

Upcoming Events

There are currently no upcoming events scheduled.

See All Upcoming Events

Recent Updates

Strength in Numbers: An Entire Ecosystem Relies on Tor

This post is one in a series of blogs to complement our 2018 crowdfunding campaign, Strength in Numbers. Anonymity loves company and we are all safer and stronger when we work together.

New Release: Tor Browser 8.0.4

Tor Browser 8.0.4 is now available from the Tor Browser Project page and also from our

New Release: Tor Browser 8.5a6

Tor Browser 8.5a6 is now available from the Tor Browser Project page and also from our

Strength in Numbers: Measuring Diversity in the Tor Network

This post is one in a series of blogs to complement our 2018 crowdfunding campaign, Strength in Numbers. Anonymity loves company and we are all safer and stronger when we work together.