There is a solved ticket about this and more info about it. https://trac.torproject.org/projects/tor/ticket/9490
@OP, instead of bitching about Tor being an NSA trap, why don't you learn to use google? Cheerz http://apx808.blogspot.com On Mon, Aug 25, 2014 at 4:02 PM, APX 808 <apx....@gmail.com> wrote: > I did a quick search and found a similar report from August 2013 > > https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released > > Check the latest comment > > Cheerz > http://apx808.blogspot.com > > > On Mon, Aug 25, 2014 at 3:22 PM, < > bm-2cvvnfwsftfx8dv12l8z8pjejmtrjyj...@bitmessage.ch> wrote: > >> Hi, >> >> I will answer messages sent by different list members. Check for yours: >> >> >> >> >> >> Joe Btfsplk wrote: >> > Or, this could be a hoax by the OP, or a simple mistake. >> >> This is not a hoax and is not a mistake. >> >> >> >> >> >> >> >> Mirimir wrote: >> > Maybe Zemana is incorrectly flagging some aspect of HTML5 canvas >> > spoofing by the Tor browser as taking a screen snapshot". >> >> The incident happend at different web pages that had been accessed before >> many times without any incident. >> >> The Zemana is the same version I am running since December 2013, i.e., it >> is running for around 8 months without any incident. >> >> >> >> >> >> >> Sebastian G. wrote: >> > Was it a website you trusted you browsed to? Did the software attempt to >> > do anything without a website loaded? >> >> Ar regular sites at the surface web that is accessed by many TOR users. >> Sorry, I can not provide more specific information that may facilitate my >> identification. >> >> >> >> >> Sebastian G. wrote: >> > Looks, like the website(s) did something. >> > Maybe trying to access canvas, what the TorBrowser tried to prevent. >> > Maybe this triggered the alert. >> >> Again... I am using the same Zemana version for around 8 months without >> any incident and acessing the same web sites. >> So it is not a canvas access problem. >> I will be very surprice if any web site is capable to generate such alert, >> especially without to be able to run any script. >> >> >> >> >> >> >> >> I am sending some screens with the Zemana log, where is possible to see >> >> the TOR MD5 signature (firefox.exe; FC19E4AFB0E68BD4D25745A57AE14047) >> and >> >> the logged behaviour ("screenlogger"), the TOR version, >> >> TOR button and the >> >> Zemana version screens, and the extensions >> >> and plug-ins existing in my TOR >> >> install (just to confirm that nothing strange is there). They are >> >> available to download here: >> >> http://www.datafilehost.com/d/dfb201d8 >> >> or >> >> https://www.sendspace.com/file/6ygdl3 >> >> > Both of the files are broken or corrupted. They can't be opened as an >> > archive on my end. The first source tries to make one download an .exe >> > file. Well you can download the zip file, without it. >> >> > How can we be sure that your upload is safe? >> >> >> If both links are broken this means that somebody is doing a big effort to >> prevent the file access. >> >> The reason I uploaded to hosts is because the Tor Project team blocked my >> attempt to send as attachment to this list. >> By this you may also understand that the Tor Project team was aware about >> my report two days in advance than the list members. >> >> The uploaded file is a ZIP with a number of JPG images inside. As far as I >> know both file types are safe. >> >> I did a new upload to a popular JPG hosting service. Here they are: >> http://i.imgur.com/QAKp7k1.jpg (Zemana log) >> http://i.imgur.com/nJkCQJp.jpg (Zemana version) >> http://i.imgur.com/06ZW0IK.jpg >> http://i.imgur.com/XsbpQ4X.jpg >> http://i.imgur.com/eikxgpe.jpg >> http://i.imgur.com/jWjAq5N.jpg >> http://i.imgur.com/iuqltM0.jpg >> http://i.imgur.com/01cuLYd.jpg >> http://i.imgur.com/ijnZwGs.jpg >> >> >> >> >> >> >> >> >> Sebastian G. wrote: >> > The remote operator claim would require evidence of some sort. >> >> My report with detailed information including the Zemana log showing that >> firefox.exe tried to record my screen seems to be a very good evidence. >> What more one may provide? Is somebody expecting a NSA or Tor Project >> written confirmation? >> >> >> >> >> >> >> Sebastian G. wrote: >> >> This may explain also the, until now, unclear role and objectives of >> the >> >> US goverment by funding the TOR Project. >> >> > I think they use Tor for many purposes themselves. >> >> Why will USA fund the development of a tool that can be used by its >> enemies? >> You may have a doubt about the Tor backdoor. I don't. >> >> What we have here is very simple: who pays gives the orders! >> >> >> >> >> >> >> >> >> Sebastian G. wrote: >> >> I am an entusiast of privacy tools and TOR is not used for any kind of >> >> unlawful purposes, is unlikely that I will attract attention from >> public >> >> authorities and I am not worried with any data such attacker eventually >> >> may have had access. >> >> > If someone would exploit against the TorBrowser he might be trying to >> > get as many hits as possible to see if someone is a target. >> >> >> I guess inside the rerouting net is a kind of automatic tool to spy Tor >> users and, in addition, the (humans) operators my pick users at will for >> additional checks. Just my guess. >> >> >> >> >> >> >> >> Sebastian G. wrote: >> > I hope this can be resolved. >> >> The Tor Project team is already working to resolve... keeping total >> silence until everybody forgets my report with, for me a PROOF, for >> everybody else an EVIDENCE, that TOR was spotted in flagrant while trying >> to record my screen. >> >> >> >> >> >> >> >> >> >> no.thing_to-h...@cryptopathie.eu wrote: >> > I did not touch the files, because the whole story made me >> > mistrustful. When you look at some subjects of yesterday >> > "Third-parties tracking me on Tor" >> > "TOR tried to take a snapshot of my screen" >> > Perhaps somebody is trolling this list and tries to seed confusion. >> >> >> >> I am not connected with the message with subject "Third-parties tracking >> me on Tor". >> I paid attention on it too. Strange to have an ambiguous message send to >> the list exactly one day after my first try (blocked by Tor Project team) >> to report to this list. >> >> I am not trolling this list. >> I am providing serious information. >> >> >> >> >> >> >> >> AntiTree wrote: >> > I don't know the anti-spyware tool that you used nor >> > details about what the >> > tool deems a "screenshot" but I want to point out that in Windows >> > (especially older versions) one of the entropy sources for OpenSSL is >> the >> > screenshot of your current session[1]. So if the Tor Browser needs to >> > generate keys (and it usually does in your use case) it is possible that >> > the crypto functions are calling whatever "rand" sources are available >> on >> > your system, including first taking a screenshot of your session. >> >> Do not seems that is the case otherwise the Zemana alert would be >> generated on regular basis. >> >> >> >> >> >> >> >> >> Michael Wolf wrote: >> > "NSA and GCHQ agents 'leak Tor bugs', alleges developer" >> > http://www.bbc.com/news/technology-28886462 >> >> Oh yes, we will see many "news and leaks" reporting the "efforts" of NSA >> and GCHQ to break TOR and bla-bla-bla. >> Just desinformation to keeps the TOR credibility. >> >> While may (or may not) provide some protection against USA enemies, TOR >> provides NO PROTECTION against USA and friends. >> TOR is a spy tool to spy on YOU! >> >> >> >> Hope more users will start to use Zemana and other anti-spyware and more >> reports about this problem arrives. >> >> >> >> >> >> >> >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
