| 1234567891011121314 |
- o Security fixes:
- - Try to leak less information about what relays a client is
- choosing to a side-channel attacker. Previously, a Tor client
- would stop iterating through the list of available relays as
- soon as it had chosen one, thus finishing a little earlier
- when it picked a router earlier in the list. If an attacker
- can recover this timing information (nontrivial but not
- proven to be impossible), they could learn some coarse-
- grained information about which relays a client was picking
- (middle nodes in particular are likelier to be affected than
- exits). The timing attack might be mitigated by other factors
- (see bug #6537 for some discussion), but it's best not to
- take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
|
