[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] MITM attack on TLS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] MITM attack on TLS
From: Ondrej Mikle <ondrej.mikle@xxxxxxxxx>
Date: Wed, 18 Nov 2015 22:35:57 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 18 Nov 2015 16:36:15 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=aC1xCgc0GuooYaKmisEVpW5OChqq29ey8FvqgrU/Ews=; b=OWPdHUbMtXjDFiCtBzDtlNLveYIu18t1IYcBsZLWNRQRyEXk33++DmpBWYY8cfdbyc lS+cVk39WBg3DSXKnPqEz3C8vRIz63LzOVN8gMTwgv3EuJ0ecUnNBDK875qVuQMXlZpb ol3/SDGNJ/v16/DYCdI7Z/7IlBEpZDgNrB7a6iC2v8X5UeQqis2mmPe+5Us2uZfo5ZEJ YwffMybetAwxfv/HNSR2/29wOjifI+rZbJdtVIcnYjnrRpJhb1AouNWcrwaN0+/6a3Hd T/BSiXB72sHUbqhxH1xVOM1s7cDZmO5wrn3wykswBOjB27SXrS3uzL4f+J2D3mDRXgky rWLg==
In-reply-to: <CAPjf7ZXsPCo2U0rXD2uXWsrxc5Do=9_1KUyY1JrU+gYztNdXbg@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAPjf7ZXsPCo2U0rXD2uXWsrxc5Do=9_1KUyY1JrU+gYztNdXbg@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

On 11/18/2015 04:36 PM, Justin Davis wrote:

I just learned that the IT department of an organization where I am
will begin mass decryption on TLS traffic.  Would this effect the use
of the Meek pluggable transport?  Just to give more information, the
attack will be done by having every network user install a root cert
in our browsers.  Any information is apreciated.

I'm not entirely sure whether meek transport checks the certificate,because it's not necessary since it just acts an encapsulation proxy forTor traffic.

However the IT admin would be able to see to which meek bridge are youconnecting to after the MitM (meek just sends the bridge in HTTP Hostheader that is normally hidden inside TLS tunnel).

I haven't checked meek's development in a while, so this might not beentirely accurate.


OM
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] MITM attack on TLS
  - From: Justin Davis

Prev by Author: Re: [tor-talk] How can I verify that this "Onionshare" program is indeed the one intended for me to get?
Next by Author: Re: [tor-talk] Onionmap, a free software worldmap of Tor relays
Previous by thread: [tor-talk] MITM attack on TLS
Next by thread: Re: [tor-talk] MITM attack on TLS
Index(es):
- Author
- Thread