[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: torsec exit behaves badly?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: torsec exit behaves badly?
From: Roger Dingledine <arma@xxxxxxx>
Date: Wed, 16 Apr 2008 16:07:57 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 16 Apr 2008 16:08:04 -0400
In-reply-to: <20080416224751.8d16e6c2.ygrekheretix@xxxxxxxxx>
References: <20080416224751.8d16e6c2.ygrekheretix@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

On Wed, Apr 16, 2008 at 10:47:51PM +0300, ygrek wrote:
>  Try it http://google.com.torsec.exit/ 
>  Looks like torsec injects some JS and/or redirects to adware sites

Interesting. My first thought is that it's some Windows software that
intercepts port 80 traffic for the user and tries to sanitize his
browsing experience.

My second thought is that the user's ISP is trying to launch some sort
of attack on the user's browsing habits, e.g. like Phorm.

One of our google-summer-of-code projects is going to be looking at
automating exit relay scanning and giving real-time updates to the
directory authorities so they can notice and punt nodes like this. (Doing
it manually doesn't work very well, it turns out.)

--Roger

References:
- torsec exit behaves badly?
  - From: ygrek

Prev by Author: Re: zero-knowledge protocols
Next by Author: Re: [OT] mitigating or defeating syntax analysis
Previous by thread: torsec exit behaves badly?
Next by thread: Re: torsec exit behaves badly?
Index(es):
- Author
- Thread