[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
From: niftybunny <abuse-contact@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 13 Aug 2020 15:34:55 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 14 Aug 2020 04:26:56 -0400
In-reply-to: <CAHcjhEHhNw5vB=p-0q5nRKP+fHDAG-XmQuPi=K5GCAE10iDnQQ@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <730db076-2e22-3aae-41dc-6e3fe5952aa9@riseup.net> <CAHcjhEHhNw5vB=p-0q5nRKP+fHDAG-XmQuPi=K5GCAE10iDnQQ@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

WTF?

Yes, this is nothing new and your ISP could do the same thing if it would be in stealing your money and doing crimes. Besides the fact that ISP are not run by organised crime as far as I know: This is Tor. I didn't know that our new Mission Statement is: Tough shit happens and lets watch how malicious relays rob users…

This shit has to stop. Why are the relays in question still online?

On 13. Aug 2020, at 11:19, Michael Gerstacker <michael.gerstacker@xxxxxxxxxxxxxx> wrote:

https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac

So in other words when the destination website does not really care about their users safety and the user sends unencrypted exit traffic through Tor then an exit relay operator could do the same like your internet provider (spying/changing your traffic).
Properly setting MyFamily does not help in this case.

That's nothing new.

The only news is that it is getting exploited big scale now.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: Roger Dingledine

References:
- [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: nusenu
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: Michael Gerstacker

Prev by Author: Re: [tor-relays] why non-exit node becomes last in the circuits?
Next by Author: Re: [tor-relays] anyone else with this issue?
Previous by thread: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
Next by thread: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
Index(es):
- Author
- Thread