- Posted on
- Virus Guy
January 19, 2014, 4:29 am
Deleted it from Windows machines
17 Jan 2014
Microsoft wages war on Tor -
Software giant Microsoft has the power to remove Tor from users'
machines and the signs are that it has already done so.
According to Daily Dot, in August 2013, the Sefnit malware protected
itself using Tor - and Vole remotely removed programs en masse from
people's computers, without them even knowing it.
As it turned out, using Tor in this way was a mistake because it
inflated the number of Tor users so much there was a fear that the
network would crash. However, the fact that Vole had the ability to kick
Tor off machines is a little worrying.
Developer Jacob Appelbaum said in a speech at the Chaos Communication
Congress in December that it means that if you are using Windows and
trying to be anonymous it is a bad idea.
Writing in his bog Microsoft's Geoff McDonald said that leaving the Tor
clients installed posed a severe threat to infected machines. He said
that the problems were the older versions of the software and not the
To be fair to Vole, it had stumbled on a unique characteristic of the
Sefnit malware that it had a tendency to install Tor into a location
that almost no human user would. Microsoft zeroed in on that location,
and killed off millions of Tor clients.
Andrew Lewman, Tor's executive director, told the Daily Dot he was not
losing much sleep over it.
While it is no small thing that Microsoft has the ability to reach into
certain Windows installations and tear out the parts they deem
dangerous, Lewman says there's little to worry about in this case.
It sounds scary until you realise users opt-in for the most part and
agree to have their OS kept 'secure' by Microsoft, Lewman said.
Besides - a big chunk of Tor users would not touch Windows with a barge
Re: Microsoft wages war on Tor (uses Vole to delete tor from millions of bots)
Not true. Though I do not trust Microsoft (Windows is
evidently backdoored) this time they did not sin.
They used Microsoft Security Essentials to remove a Tor
installation done in a non-standard locale by malware. The "occult"
Tor formed a rogue datamining network.
No recent versions, or standard installations of Tor were
affected. Which means that they are probably already backdoored
Don't be evil - Google 2004
We have a new policy - Google 2012