[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
- To: or-talk@xxxxxxxx
- Subject: Re: client bug in 0.2.2.7-alpha and a new bad exit: exoassist
- From: grarpamp <grarpamp@xxxxxxxxx>
- Date: Fri, 5 Feb 2010 04:45:07 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 05 Feb 2010 04:45:17 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=sc41EziJi0X7lLQWJVpu/ZqhrPWb7hvEen1ESTRdUHU=; b=Ms6GOQIFg0dA0LiH936OMJaINFf8qdflKvaBeg5Zg1ppYNKRgyn7juq8nsDaQYRRDI crI5smu4y/bTqiMgVPSBlylAYiBshcHtwgM2wyjvPVWgczYba5NsAOs0Ka783ty7e6FR Ldk3WMhtLxxRyDDtXFNswW7tzrQgG1rWDszag=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=KBr8zUwqOa/9N42MrS10qGsJ4uY+U1gGUvtGQ52+wMcmykRQZm6XMnN+bfd3tYKkqR LfR8VysNco3cgJdBTE7LvsZNk/4tcndNUGlscUqMImL5DCDmdOkl4XAAlq0xoyXtdkTr MMkPuRiZM0EIOtBfydHoL49t3dyUFe1YnuJBo=
- In-reply-to: <201002050758.o157wi5r007963@xxxxxxxxxxxxx>
- References: <201002050758.o157wi5r007963@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Since I doubt the suggested tests were performed, I did the work
instead. I reached the 'up' website, and timed out on the 'down'
one... both as expected. And I diffed the clearnet and tornet
versions of the 'up' one and they matched, sans 'alteration'.
If one can prove exo is the site with the cache, and that it's
also configured improperly, this case might have more merit.
Can people tell me which of all the websites they surfed today had
a cache somewhere between their browser and the site httpd? Did one
block all those internet paths on a whim against caches? Is TorProject
going to test all exits to examine for potential caches in the path
and flag them all for similar reasons? And what exactly does one
propose to do about all the caches and other proxies it can't detect
because they happen to be more transparent?
I highly think not, on the former three accounts. And 'oops, policy
failure' on the latter.
Some cache in the path in question is ejecting a harmless and indeed
rather useful error message. One that even caught a bug in Tor.
Users are free to block exo in their config, or not. In the grand
scheme of things, I'd suggest it's a waste of time.
> security breaches
So now caches are a security breach too? That's news to me, lol :)
It's up to torproject now. Happy Tor'ing as always :)
And since I'm sure someone will bring up headers somewhere in all
this mootness, here's a few of those too :)
GET / HTTP/1.0
HTTP/1.0 200 OK
Last-Modified: Tue, 02 Feb 2010 13:45:19 GMT
Date: xxx, xx Feb 2010 xx:xx:xx GMT
Server: httpd/1.4.x LaHonda
X-Cache: MISS from fra1-proxy2.bbw.net.au
X-Cache-Lookup: MISS from fra1-proxy2.bbw.net.au:3128
X-Cache: HIT from proxy2.hbt.bbw.net.au
X-Cache-Lookup: HIT from proxy2.hbt.bbw.net.au:8080
Via: 1.0 fra1-proxy2.bbw.net.au:3128 (squid/2.7.STABLE3), 1.0
router exoassist 220.127.116.11
proxy1.bbw.net.au > proxy1.hbt.broadbandwireless.com.au 18.104.22.168
www.sadf239csksd93.org [not found]
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/