[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Funny, but not amusing browsing

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Funny, but not amusing browsing
From: Michael O Holstein <michael.holstein@xxxxxxxxxxx>
Date: Thu, 3 Jul 2014 20:02:09 +0000
Accept-language: en-US
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 03 Jul 2014 16:12:13 -0400
In-reply-to: <53B5B465.2030609@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <53B5B465.2030609@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHPlvh7OnHpFBvTg0Wl3o32c2NZh5uOw9gj
Thread-topic: [tor-talk] Funny, but not amusing browsing

>I got worried yesterday when instead of the Wikipedia logo on the
>top-left corner there was the picture of a nazi (army) guy with a

Is this reproducible? 

To successfully (without error) insert into an HTTPS connection you must be trusted by the client .. would need list of CAcerts from firefox/iceweasel, the received HTML, and (ideally) a debug TOR log that shows which exit is doing it.

I have seen HTTPS MiTM attempts in the past but those exits get blacklisted pretty fast for trying to do it .. maybe you're one of the lucky canaries.

A rouge cert signed by a vanilla/public CA would be *very* problematic, and unlikely to be wasted screwing with Wikipedia .. it's far more likely a bogus CA got trusted by your browser, hence the interest in verifying all the certs that are in the keystore.

Regards,

Michael Holstein
Cleveland State University
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Funny, but not amusing browsing
  - From: Spam 06

References:
- [tor-talk] Funny, but not amusing browsing
  - From: Spam 06

Prev by Author: Re: [tor-talk] Tor Exit Operator convicted in Austrian lower court
Next by Author: Re: [tor-talk] Benefits of Running TBB in a VM?
Previous by thread: [tor-talk] Funny, but not amusing browsing
Next by thread: Re: [tor-talk] Funny, but not amusing browsing
Index(es):
- Author
- Thread