There will always be 0days in various programs. I haven't seen anything for Tor or Tor Browser in there, specifically, however I did see mentions of an exploit for the Android (and non-Android?) library for libxml2, which may be used in Tor Browser. Luckily Google is scrambling to find out what the cause of the bug is to get it fixed.

In general, the stuff in the CIA vault boiled down to:
1) Android and iOS exploits and bypasses
2) IoT exploits and spyware (the Samsung Smart TV)
3) Router exploits
4) FAQs and policies for how to write malware, etc
5) Random stuff like lists of Japanese emoticons and diatribes about text editors

I would imagine that anything they get to attack Firefox, they would buy from a contractor like Raytheon SI or Endgame. When it comes to the security of Tor itself, I wouldn't worry. They don't seem particularly invested in breaking the Tor network, from what I'm seeing in this leak.


  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <em> <strong> <cite> <code> <ul> <ol> <li> <b> <i> <strike> <p> <br>

More information about formatting options

Syndicate content