[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: another BADEXIT found $8424E8653469B1EFF87E79E8599933A3BAF8FDB2



     On Mon, 9 Feb 2009 19:23:36 +0100 Ansgar Wiechers <tor@xxxxxxxxxxxxxxxx>
wrote:
>On 2009-02-09 phobos@xxxxxxxxxx wrote:
>> On Mon, Feb 09, 2009 at 09:07:15AM -0600, bennett@xxxxxxxxxx wrote 1.4K bytes in 26 lines about:
>> :      An unnamed exit with fingerprint $8424E8653469B1EFF87E79E8599933A3BAF8FDB2
>> : is redirecting HTTP port 80 to
>> 
>> Ah, 'apple'.  Again they try this exact same tactic.  Silly people.
>
>Please elaborate, because I have no idea what you're referring to? Feel
>free to e-mail me in private should this be old news for the rest of the
>list.
>
     Some time ago, a tor relay called "apple" appeared.  "apple" was found
to be a crooked exit relay in that it was replacing the URLs of its exiting
traffic with URLs of the form

https://kangnam.megapass.net:7003/index.html?sso=121.138.5.103&no=8403&origin=OriginalURL

where "OriginalURL" was the URL requested by whatever tor client built the
circuit using "apple" as its exit relay.  "apple" frequently restarted under
different IP addresses.  Its perfidy was reported here, and eventually [*ahem*]
the directory authority operators flagged it as a BADEXIT, so that tor clients
around the globe would avoid using "apple" as an exit.
     "apple" disappeared after that for a time, but now it's back.  It still
uses varying IP addresses, but has changed its private OR key, perhaps to avoid
recognition as a bad exit.  Unfortunately, there is no good way for the
software to recognize a corrupt tor operator, but it should be given a BADEXIT
flag for its *name*, as well as its new key, to force "apple"'s crooked
operator to change his/her relay's torrc file next time.  It isn't much, but
anything is a help.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************