Tor infrastructure compromised. Upgrade now!
A most disturbing announcement was posted to the or-talk mailing list by Roger Dingledine, one of the core developers of Tor. Earlier this month it was discovered that moria1 and gablemoo, two of the seven directory authorities of the Tor darknet were compromised along with a server added to the project's domain to track and serve metrics. One of the boxen was imaged for later analysis but all were reconstructed. New crypto keys were cut for the directory authorities due to the compromise, necessitating a new release of the software. Scarily, moria also hosted the Subversion and git repositories for …
Read more...