The main Tor-specific changes were the deprecation and removal of onion v2 support (replaced by v3 addresses) and the formal release of snowflake as a pluggable transport. There were also over a dozen updates to the Tor Browser (from version 10.0.8 to 11.0.3), but most of these were basically incorporating updates from Firefox. Over the past year, there were over a dozen updates for the Tor daemon (and that's not counting the pre-releases). Of all of the vulnerabilities and concerns that I raised in 2020, the Tor Project didn't address any of them. (The last blog entry begins with a summary of the vulnerabilities.) Other issues were brand new and first disclosed on my blog.
Many of them were well-known to the Tor Project (some nearly a decade old!) but had never been addressed and had no viable mitigation options or alternatives. Back in 2020, I wrote nine blog entries about Tor that covered a wide range of vulnerabilities.
0 kommentar(er)
