[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] The heartbleed bug, hidden service private_key leakages and IP revealing

At first, the local interceptor can extracts private authentication key
from heartbleeded guard. Then emulate connection to IP of this guard (a
substituted faked MiTM-ed version of the Guard) for the targeted users.

Something like this can be done at the any parts of the Tor-network for
MiTMing and stripping connections between heartbleeded Tor-nodes for
extracting some parts of information about routed circuits.

On Fri, 11 Apr 2014 18:28:36 -0400
Roger Dingledine <arma@xxxxxxx> wrote:

> For example, I think the SSL spec says that you shouldn't be able to ask
> for a heartbeat until the SSL handshake is finished, but I think OpenSSL
> lets you ask for a heartbeat during the SSL handshake. If so, that means
> any local network mitm attacker, not just your entry guard, can intercept
> your outgoing TCP connection and ask you for some heartbeats.
> --Roger
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to