[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Facebook brute forcing hidden services



Here is their blog post about the matter:

  https://blog.ian.sh/2014/10/31/tls-over-tor/

They have successfully managed to get a certificate issued with
facebookcorewwwi.onion in the subjectAltName field. The cert file:

  https://paste.ian.sh/raw/omegi

The subjectAltName:

  DNS:certly.io, DNS:*.certly.io, DNS:owa.certly.io, DNS:mail.certly.io, DNS:autodiscover.certly.io, DNS:*.assetsrv.com, DNS:facebookcorewwwi.onion

Mike

* on the Fri, Oct 31, 2014 at 12:52:27PM -0400, AntiTree wrote:
> It appears that someone has been issued a facebookcorewwwi.onion cert
> from another CA as .onion has no way of verifying a collision.
> https://news.ycombinator.com/item?id=8538527
> 
> On Fri, Oct 31, 2014 at 12:12 PM, Andreas Krey <a.krey@xxxxxx> wrote:
> > On Fri, 31 Oct 2014 16:49:38 +0000, AFO-Admin wrote:
> > ...
> >> Hi,
> >> i really think that this is a good thing, because i think this hidden
> >> service will get a lot attention in countries where Facebook is
> >> blocked.
> >
> > In blocking countries you'll use Tor whether you to the .com
> > or the .onion domain. The way around the block is tor, not the
> > hidden service.
> >
> > The hidden service add a protection layer to the traffic from
> > the tor network to facebook, but they are using SSL anyway.
> >
> > And it remains to be seen what they do with static assets
> > that are loaded from different domains - but actually it wouldn't
> > matter when those are not going through the hidden service.
> >
> > Andreas
> >
> > --
> > "Totally trivial. Famous last words."
> > From: Linus Torvalds <torvalds@*.org>
> > Date: Fri, 22 Jan 2010 07:29:21 -0800
> > --
> > tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> -- 
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
Mike Cardwell  https://grepular.com https://emailprivacytester.com
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4

Attachment: signature.asc
Description: Digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk