[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #7430 [Tor Check]: Easy MITM against check.tpo (not SSL-related)

To: undisclosed-recipients:;
Subject: [tor-bugs] #7430 [Tor Check]: Easy MITM against check.tpo (not SSL-related)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 10 Nov 2012 16:22:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 10 Nov 2012 11:22:38 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#7430: Easy MITM against check.tpo (not SSL-related)
-------------------------+--------------------------------------------------
 Reporter:  cypherpunks  |          Owner:     
     Type:  defect       |         Status:  new
 Priority:  major        |      Milestone:     
Component:  Tor Check    |        Version:     
 Keywords:               |         Parent:     
   Points:               |   Actualpoints:     
-------------------------+--------------------------------------------------
 check.tpo is there to give users with a bad setup a fighting chance of
 getting warned when they aren't actually proxying their requests through
 the the Tor network, right?

 So it would be in the interest of a malicious network operator to make it
 seem like the broken Tor setup is just fine, filling those users with
 false confidence.

 What would stop such a malicious network operator from looking for TCP
 requests to one of the IP addresses of check.tpo and transparently
 proxying ''just those requests'' through Tor?

 Note that SSL can do nothing at all to stop that, as the content of the
 request is never inspected or modified.

 I've never seen that particular attack discussed anywhere, and it would be
 very easy to implement.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7430>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #7430 [Tor Check]: Easy MITM against check.tpo (not SSL-related)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #7429 [Tor]: Tor relay crashed in update_circuit_on_cmux()
Next by Author: Re: [tor-bugs] #7326 [EFF-HTTPS Everywhere]: Hang on opening a new window on Firefox
Previous by thread: Re: [tor-bugs] #7429 [Tor]: Tor relay crashed in update_circuit_on_cmux()
Next by thread: Re: [tor-bugs] #7430 [Tor Check]: Easy MITM against check.tpo (not SSL-related)
Index(es):
- Author
- Thread