Commit 868becff authored by Gus's avatar Gus 🍕
Browse files

Fix links and header newsletter august 2020

parent 6007f480
......@@ -14,7 +14,7 @@ html_body:
<tbody>
<tr>
<td width="100%">
<table align="center" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" class="devicewidth" width="680">
<table align="center" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" class="devicewidth" width="650">
<tbody><!-- Spacing -->
<tr>
<td height="20" width="100%"><a href="https://torproject.org"><img alt="tor-news-logo" src="https://blog.torproject.org/sites/default/files/inline-images/tor-news-logo-560.png" style="width: 250px; height: 75px;" /></a></td>
......@@ -25,8 +25,9 @@ html_body:
<tbody>
<tr>
<td width="100%">
<table align="center" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" class="devicewidth" height="4192" width="676">
<table align="center" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" class="devicewidth" width="650">
<tbody><!-- /Spacing --><!-- Spacing --><!-- /Spacing --><!-- content -->
<tr>
<td style="padding:0 15px 15px 15px;">
<p>Hello Tor community,</p>
......
......@@ -16,13 +16,13 @@ Hello Tor community,
This month, we decided to write a slightly different newsletter. We want to answer questions you may have regarding news about Tor’s security.
First, Tor is a secure tool to use. For perspective on how the Tor Project makes decisions about security and development, we’ll start with a tweet from Edward Snowden (twitter.com/snowden/status/1165391734823669761?lang=en): "I wouldn’t expect any system to be totally secure, much less remain secure forever in the face of adversary advances, but that is not the claim. Security is the process of choosing between "less safe" and "more safe’" and continuing to fork towards safety until you reach 'safe enough.'"
First, Tor is a secure tool to use. For perspective on how the Tor Project makes decisions about security and development, we’ll start with a tweet from Edward Snowden (https://twitter.com/snowden/status/1165391734823669761?lang=en): "I wouldn’t expect any system to be totally secure, much less remain secure forever in the face of adversary advances, but that is not the claim. Security is the process of choosing between "less safe" and "more safe’" and continuing to fork towards safety until you reach 'safe enough.'"
Snowden is right. Like all software, Tor development is a process. The Tor daemon, Tor Browser, onion services, pluggable transports, and many other software we develop are just like any other piece of software - they will have bugs. We are always working to make Tor safer for the largest number of users by prioritizing the most impactful changes.
In that spirit, we’d like to talk about two clusters of reports and the action we’ve taken.
1. You may have heard about a series of bugs in Tor being reported as “0-days.” These bugs aren’t 0-days. Many of them are open in our bug tracker. We have triaged these tickets and determined they are not high priority, and they do not harm our users' anonymity. We explained more about our decision process regarding these bugs, and what comes next, in a tweet (twitter.com/torproject/status/1288955073322602496).
1. You may have heard about a series of bugs in Tor being reported as “0-days.” These bugs aren’t 0-days. Many of them are open in our bug tracker. We have triaged these tickets and determined they are not high priority, and they do not harm our users' anonymity. We explained more about our decision process regarding these bugs, and what comes next, in a tweet (https://twitter.com/torproject/status/1288955073322602496).
2. You may have heard about a group of exit relays running sslstrip attacks on the Tor network in May and June 2020. This attack targeted unencrypted HTTP connections to a small number of cryptocurrency exchange websites, and left other traffic alone. These relays have been monitored and excluded from the Tor network since they’ve joined. You can read the full details about the attack, and the next steps to mitigation, on our blog. (blog.torproject.org/bad-exit-relays-may-june-2020) Monitoring the Tor network continuously is very important in catching these kinds of attacks, and given our limited capacity, you can help by donating (https://donate.torproject.org) to help increase our network monitoring capacity, running your own relay (https://community.torproject.org/relay/), or reporting bad relays (https://community.torproject.org/relay/community-resources/bad-relays/).
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment