[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #2293 [EFF-HTTPS Everywhere]: detect man in the middle attack to https

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #2293 [EFF-HTTPS Everywhere]: detect man in the middle attack to https
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 11 Jan 2011 23:08:54 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 11 Jan 2011 18:09:07 -0500
In-reply-to: <046.ef2054d8a459307d52abb09d53b2d206@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.ef2054d8a459307d52abb09d53b2d206@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2293: detect man in the middle attack to https
-----------------------------------+----------------------------------------
  Reporter:  cyrano                |       Owner:  pde   
      Type:  enhancement           |      Status:  closed
  Priority:  normal                |   Milestone:        
 Component:  EFF-HTTPS Everywhere  |     Version:        
Resolution:  wontfix               |    Keywords:        
    Parent:                        |  
-----------------------------------+----------------------------------------
Changes (by pde):

  * status:  new => closed
  * resolution:  => wontfix


Comment:

 We've thought a lot about this problem, and we have some related projects
 to try to address it (https://www.eff.org/observatory).Â Those may lead to
 some code that gets added to HTTPS Everywhere, but it won't be able to
 perform strong MITM detection, because nobody knows exactly how to do
 that, and especially not how to do it without introducing false positive
 warnings.

 In the mean time, you may be interested in these Firefox extensions which
 do offer some extra protections against man in the middle attacks:

 http://patrol.psyced.org/

 http://www.cs.cmu.edu/~perspectives/

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2293#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #2208 [EFF-HTTPS Everywhere]: Mediawiki.org
Next by Author: Re: [tor-bugs] #2218 [EFF-HTTPS Everywhere]: google search is changed...no "images search" on results
Previous by thread: Re: [tor-bugs] #2208 [EFF-HTTPS Everywhere]: Mediawiki.org
Next by thread: Re: [tor-bugs] #2218 [EFF-HTTPS Everywhere]: google search is changed...no "images search" on results
Index(es):
- Author
- Thread