EvilZone

Other => Found it on the Webs => : kenjoe41 October 30, 2014, 07:00:05 PM

: BurnTOR downloads: The Case of the Modified Binaries.
: kenjoe41 October 30, 2014, 07:00:05 PM

Summary

After creating and using a new exitmap module, I found downloaded binaries being patched through a Tor exit node in Russia.  Tor is a wonderful tool for protecting the identity of journalists, their sources, and even regular users around the world; however, anonymity does not guarantee security. 

http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/ (http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/)

: Re: BurnTOR downloads: The Case of the Modified Binaries.
: proxx October 30, 2014, 07:02:55 PM

They have checksums for that, pretty much default on package managers etc.

: Re: BurnTOR downloads: The Case of the Modified Binaries.
: kenjoe41 October 30, 2014, 07:45:29 PM

Most morons don't remember to verify what they have downloaded most of the time. Your download through the package manager is safe but what about you .exe download from that trusted site softpedia?

: Re: BurnTOR downloads: The Case of the Modified Binaries.
: proxx October 30, 2014, 08:20:05 PM

: kenjoe41  October 30, 2014, 07:45:29 PM

Most morons don't remember to verify what they have downloaded most of the time. Your download through the package manager is safe but what about you .exe download from that trusted site softpedia?

I don't trust softpedia.
SSL is effective enough against this.
Don't really see the point here.

: Re: BurnTOR downloads: The Case of the Modified Binaries.
: Nortcele October 31, 2014, 10:29:21 AM

: proxx  October 30, 2014, 08:20:05 PM

I don't trust softpedia.
SSL is effective enough against this.
Don't really see the point here.

Softpedia scares me