[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance



#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by ioerror):

 Ultimately, I wonder if the point is simply to identify people - across
 browser sessions, across proxies, across Tor exits - and the start is the
 "I'm a human bit" - I wonder where does that end?

 In a sense, I feel like this CF issue is like a giant Wifi Captive Portal
 for the web. It shims in some kind of "authentication" in a way that
 breaks many existing protocols and applications.

 If I was logged into Google (as they use a Google Captcha...), could they
 vouch for my account and auto solve it? Effectively creating an ID system
 for the entire web where CF is the MITM for all the users visiting users
 cached/terminated by them? I think - yes to both - and that is concerning.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs