11 thoughts on “Tor And HTTP Gzip Leak Local Time Zone

  1. Who the hell sets a server to local political time, anyway??

  2. This is vastly sensationalized, I expected Qntra to fall for it with their usual TOR hate though :(

    Most servers don't send the time at all, while the rest send UTC. It seems to be an issue with Windows servers, and if you're running an hidden service on Windows you have other problems. The guy who found the "issue", a self-described "Agilist" is just your typical masturbating monkey fishing for attention.

    Meanwhile, Qntra missed on a lot of security news:
    http://www.hardocp.com/news/2016/02/20/hundreds_spotify_accounts_exposed_online/
    http://it.slashdot.org/story/16/02/20/0455248/comodo-antivirus-tech-support-feature-lets-anyone-connect-to-your-pc
    https://soylentnews.org/article.pl?sid=16/02/17/0142250
    http://yro.slashdot.org/story/16/02/08/1610255/metel-hackers-roll-back-atm-transactions-steal-millions
    http://it.slashdot.org/story/16/02/18/1626205/stealing-keys-from-a-laptop-in-another-room-and-offline

    • 1. Fuck Spotify
      2. Fuck Comodo
      3. Needs more digging
      4. largely eclipsed in lulz by http://qntra.net/2016/02/bitcointalk-default-trust-member-escrow-ms-arrested-for-debit-card-fraud/
      5. Still being dug into, but stealing bits with antennas is not in itself novel.

      Here with this time zone leak is a problem found in the wild that has concrete actionable remedies, so it is news.

    • > Claims Qntra missed on a lot of security news
      > Leads with lolitem about hundreds of users of service nobody heard about.

      What the fuck is that, random VC powered webshits trying to advertise or something ?

      FTR, the important part about the laptop story is that ECDSA IS WEAK.

    • Qntra missed on

      What does that even mean? Does that mean that Qntra missed solving those problems? Do you really expect Qntra to report on everything, everywhere, all the time, for nothing? Monster ingratitude. On steroids.

      You already have places to read what you want to read, obviously, why do you expect Qntra to duplicate other people's work? Logically, you do not want to read stories on Qntra that you can read elsewhere; quite apart from the fact that you have already read them once, you should want Qntra to be a unique resource with a unique position, whether you agree with it or not.

      Really…

      • Not only you're only trying to straw-man me without actually replying to things that matter, you also missed that this "story" is found on every other shitty website, which is why I was disappointed to see it appear on Qntra, with the same level of technical ignorance I found with the other "journalists".

        But no, you had to try to keep the circlejerk alive, at all costs. That's what truly matters.

  3. So the response is that those other news are not important. Fine. But that's besides the point: this thing isn't either, and the title is misleading.

    This is a worse circlejerk than reddit.

Leave a Reply to Mircea Popescu Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>