[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18911 [User Experience/Website]: bitcoin donations via BitPay don't work properly for tor users (BitPay uses Cloudflare)
#18911: bitcoin donations via BitPay don't work properly for tor users (BitPay uses
Cloudflare)
-------------------------------------+---------------------------
Reporter: cypherpunks | Owner: Sebastian
Type: defect | Status: new
Priority: Medium | Milestone:
Component: User Experience/Website | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+---------------------------
Comment (by cypherpunks):
Yikes! It's despicable that torproject is using bitpay! This is wrong on
so many levels.
1) bitpay.com is insecure by design, MitM'd by CloudFlare.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835
2) CloudFlare is the most damaging adversary to the Tor community. It's an
embarrassment that Torproject is willing to patronize a CloudFlare patron,
while at the same time putting Tor users at risk to having their money
jacked. Tor is supposed to improve security, not damage security.
Possible fixes:
* Dump bitpay immediately.
Unreasonable fixes:
* Fixing the bitpay transactions so that the Tor community sponsors their
adversary and remains exposed to MitMs.
WTF!
Now that Bruce Schneier is on the board (welcome, Mr. Schneier), we expect
a solid solution to this ticket that shows that our own house is in order.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18911#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs