[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Fuck Global Active Adversary Cloudflare

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24351 [Applications/Tor Browser]: Fuck Global Active Adversary Cloudflare
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 15 Jan 2018 23:26:17 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 15 Jan 2018 18:26:27 -0500
In-reply-to: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24351: Fuck Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
 Reporter:  nullius                              |          Owner:  tbb-
                                                 |  team
     Type:  enhancement                          |         Status:
                                                 |  reopened
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Critical                             |     Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare                                     |
Parent ID:  #18361                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 > It is authorized by both websites owners (who have explicitly made staps
 to use it),
 > and website users (who agree with websites' ToS in order to use it)

 Not all people read long TOS. You can find many people who didn't realize
 how Cloudflare works in technical way, JUST LIKE YOU.
 "And website users" is incorrect. Not all websites have TOS. For example,
 this trac.torproject.org. Where's TOS? I didn't agree to anything!
 Another problem is I did not allow Cloudflare to read anything. They are
 silently standing between me and website owner, who signed up CF for FREE,
 $0, COMODO HTTPS certificate.
 WhatTheFuckEver, by Wikipedia's DEFINITION, this is clearly called "MITM
 ATTACK".
 Don't like it? Edit Wikipedia.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:63>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #24780 [- Select a component]: Download issue
Next by Author: Re: [tor-bugs] #24886 [Metrics/Bot]: Hide the HSDir, Guard, and maybe Exit flags on bridges on Metrics Bot (was: Hide the HSDir and Guard flags on bridges on Metrics Bot)
Previous by thread: Re: [tor-bugs] #23141 [Applications/Tor Browser]: Cloudflare breaks loading the chat on http://www.goftesh.com/
Next by thread: Re: [tor-bugs] #24011 [Core Tor/Tor]: Attempt to open a stream on first hop of circuit
Index(es):
- Author
- Thread