[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 24 Nov 2017 19:59:11 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 24 Nov 2017 14:59:21 -0500
In-reply-to: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.fcb6d00c3fce3074749b54b063130b08@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
 Reporter:  nullius                              |          Owner:  tbb-
                                                 |  team
     Type:  enhancement                          |         Status:
                                                 |  reopened
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Blocker                              |     Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare                                     |
Parent ID:  #18361                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 This isn't the correct solution. The green icon only tells you that the
 exit and the server you're communicating to (Cloudflare in this case) is
 encrypted, and that's it. It shouldn't extend to how someone sets up their
 website, otherwise it opens a slippery slope: why not block all websites
 because all servers have the backdoor that is Intel Management Engine or
 AMD's Platform Security Processor? Why not block all onion services on the
 same ground? Also, good luck confusing most users by blocking a large
 portion of the web: w3techs.com/technologies/history_overview/proxy/all

 (Yes, Cloudflare is evil and tries to pass as some kind of "anti-DDoSes
 hero" and with all their HN PR, this has no bearing on this however.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #24407 [Core Tor/Tor]: No warning when IPv6 port is not reachable
Next by Author: Re: [tor-bugs] #23900 [Core Tor/Tor]: Let programs call tor_main with a preconstructed control socket
Previous by thread: Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Next by thread: Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Index(es):
- Author
- Thread