Over the past week, a security researcher has published technical details about two vulnerabilities impacting the Tor network and the Tor browser.
In blog posts last week and today, Dr. Neal Krawetz said he was going public with details on two zero-days after the Tor Project has repeatedly failed to address multiple security issues he reported throughout the past years.
The researcher also promised to reveal at least three more Tor zero-days, including one that can reveal the real-world IP address of Tor servers.
Approached for comment on Dr. Krawetz's intentions, the Tor Project did not reply to a request for comment and provide additional details on its stance on the matter.
Dr. Krawetz, who operates multiple Tor nodes himself and has a long history of finding and reporting Tor bugs, disclosed the first Tor zero-day last week.
www.zdnet.com
