[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 08 May 2020 01:18:41 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 07 May 2020 21:18:50 -0400
In-reply-to: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
 Reporter:  nullius                              |          Owner:
                                                 |  cypherpunks
     Type:  enhancement                          |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare, TorBrowserTeamTriaged              |
Parent ID:  #18361                               |         Points:  1000
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by ptaff):

 No matter how hard you work at protecting your privacy, trying to avoid
 tracking by Facebook and Google, installing adblockers and everything,
 those Cloudflare servers effectively MITM 10-15% of the world websites in
 the name of Denial-of-Service protection.

 Many, many of those websites "protected" by Cloudflare have their HTTPS
 certificate owned by Cloudflare; Cloudflare hence sees the communication
 in the clear. Credit card numbers and all.

 Thus they can build an impressive tracking system for users, with very
 high quality personal data.

 They now offer DNS resolution, trying to enrich their user tracking by
 adding data about traffic to servers not "protected" by Cloudflare.

 They disgust me.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:177>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare (was: Fuck Global Active Adversary Cloudflare)
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #34081 [Internal Services/Tor Sysadmin Team]: Undo giving@ to RT, redirect to grants team
Next by Author: Re: [tor-bugs] #34319 [Applications/Tor Browser]: remove symlink support from the updater
Next by thread: Re: [tor-bugs] #34078 [Core Tor/Tor]: Fix compilation warnings with clang 10.0.0
Index(es):
- Author
- Thread