[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Quantum Insert detection for everyone



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for your reply

David Stainton wrote:
> Yes and no. HTTPS/Onion services prevents successful TCP injection 
> attacks when the attacker doesn't know the key material...
> therefore to make this claim about HTTPS in general seems rather
> sketchy given that many CA's have been pwn'ed (and subpoena'ed?) in
> the past.

Haha, you're right! HTTPS key exchange is broke. Always a good laugh,
though.

> TCP injection attacks are not the same as man-in-the-middle
> attacks... but rather are categorized as man-on-the-side. The
> difference is important because MoS is *much* cheaper for these
> various (not just NSA) entities to execute. MoS means you do not
> have to pwn a route endpoint at the site of your TCP injections...
> you can inject from almost anywhere as long as you can win the
> race.
> 
> I will discuss this point in my write up... and I will write a
> section specifically for Tor exit relay operators who are
> interested in using HoneyBadger.

What about the approach of detecting/preventing those attacks at the
user endpoint. Like enforcing HTTPS-connection (HTTPS-Everywhere) and
prohibiting/announcing redirects.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJVOCTdAAoJEJLecH4ruDZd/OQH/Rairg+tY0CUFDYqz7WiD9O+
87I8/lOGGQ43NnXHfp7D/tkO+L8ZLvVrXIj65x9wx/HfkTk284i6oMD8939CSviO
xUkrXvTzgEk2NB+sQJszxftW3tGknDj6DGPDax+eiQDF7BB+cuWzoV4ufFA1OmGr
08X+eq8IuGbHLwdML6WqgvOicjy0m7ME1kbKLEuat8UzAyeUjCkxXmncAdcqUPZr
Ng8iBS20jDGYv7mAifeKZd/i20oUAiZc7fH9210ZcxVIAHQ2B14RDZN2KlFWFQTY
EiBW4GjLsI5NJs6boYoCtfM+8PYmebo1QT1gkueIXXhkeQ9Vl1TlKI+4OI4IAF0=
=O54P
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays