![]() ![]() *BSD operating systems are not affected by the said vulnerability. Debian references it as CVE-2016-5696 (cf: ) and the Debian OS remained unpatched for at least 17 days from the date of announcement of the bug in the Linux world. )Ībout a month ago, Linux users learned of a security vulnerability that has the potential to unmask Tor users. We want to see a stronger Tor network, and we believe one critical ingredient for that is operating system diversity." (cf. A single kernel vulnerability in GNU/Linux impacting Tor relays could be devastating. In a global anonymity network, monocultures are potentially disastrous. In contrast, diversity means single vulnerabilities are less likely to harm the entire ecosystem. ![]() Monocultures in nature are dangerous, as vulnerabilities are held in common across a broad spectrum. "While recognizing the Tor Project is a dynamic open source project with a vibrant community, we are also concerned with the overwhelming GNU/Linux monoculture that is an Achilles’ Heel. ![]() Again the following is a quote from The Tor BSD Diversity Project: It appears then that The Tor Project is not keen at all to support users of *BSD operating systems. Where possible I prefer to have ports pull source from some authoritative download area maintained by the project itself in the case of noscript I do this, for example." (cf. I maintain the tags and branches in these repositories and track changes in the tor project's git repositories. Also, the OpenBSD ports system explicitly supports pointing at GH projects. This is because the Tor project chooses not to make source tarballs easily available for anything except tor itself (their gitian-based build process does not require them). "Most of the ports in this repo pull their source tarballs from other GH torbsd repositories. )Īccording to The Tor BSD Diversity Project and we quote: Since nickm mentioned OpenBSD users have been more seriously affected, we'd like to take this opportunity to ask why The Tor Project has no plans at all to release Tor Browser Bundle for *BSD operating systems, OpenBSD in particular.Ī study by the European Union specifically recommends OpenBSD as the OS of choice. OpenBSD users saw more crashes here, but all platforms were potentially affected.
0 Comments
Leave a Reply. |