

Heartbleed and TOR in practice - bdpuk
http://digitalassurance.com/blog/heartbleed-and-tor-practice

======
ufmace
Combined with rumors that the NSA knew about Heartbleed, this makes me wonder
if they actually were involved in outing Silk Road. As far as I know, we still
haven't seen any indication on how the FBI managed to find and image the Silk
Road server.

~~~
antocv
I dont think heartbleed was necessary to crack Silk Road server - after all
its just another php server, those arent really known for being air-tight.

Especially the programmer who basically copypasted stuff from stackoverflow.

------
DatBear
After all the NSA leaks and then Heartbleed, being anonymous anywhere really
seems like a pipe dream to me.

~~~
dmix
Large-scale traffic analysis (dragnet surveillance) + hacking into exit nodes
already made compromising TOR users technically feasible before the heartbleed
exploit.

The whole cypherpunk/online anonymity movement which spawned TOR was largely
predicated on nation states acting legally. But when they can secretly hack
into every router, fiber cable, and gateway endpoint without any question of
legality then anonymity and privacy online is no longer an option for anyone,
even the most technically-proficient.

