[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Using HTTPS Everywhere to redirect to .onion

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Using HTTPS Everywhere to redirect to .onion
From: Felix Eckhofer <felix@xxxxxxxxx>
Date: Thu, 27 Feb 2014 08:20:57 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 27 Feb 2014 03:11:47 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tribut.de; s=dkim; t=1393485657; bh=bdCr72dOMSKY4tp+RstVOaf3Bj+WQvaiojh1q8rVnXk=; h=Date:From:To:Subject:In-Reply-To:References; b=CqPkk2ixVgYR+bF3xTjHzTWwUUQ+JplDX1fLqiZ68t2N47d1NqRrpOTWhXKDIc83H VD7x1o+DJ1j9Ccd1u1kfI1gxBpGiDp4vqqGfkGTf+DynReLede2GZUsN/8TiiQ3aGQ 7TOJA1dVhTVp94g9vW2vYNvFWfchEoMq5+AJeG4k791HMQyDI4RejnAEBNtgMDHFri hnGxZmPixK+JYnWrRIA5m6wZZWoxVxdajefnuC8eD8WLtJgQIZTgLbHyX1RvOyH5NE 7RF9ISGOct1FedfXMLCQQ+kVDd9SzKpSNJ+cLLDDUPv9fZidzKxYveS8qTJeI+Tv+S dRWOyaI+1fRpw==
In-reply-to: <530E784E.4010004@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <530E784E.4010004@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail

Hey.

Am 27.02.2014 00:27, schrieb fortasse:

My question is does this have more potential than being a weird
(rather effective) hack? Could we make an "onion Everywhere" as it
were to help solve the difficult-to-remember onion names? Or is this
just another layer of confusion that further increases the barrier of
entry on successful Tor use?

That seems like a dangerous idea. Anyone could easily set up atransparent proxy behind a .onion domain. If I can convince your projectto include that .onion (which sounds easy given that most site ownerswill not know about it) I now have active MITM capability against anyoneusing that extension.You would have to make it very clear that it is a censorship-resistancetool, not a privacy tool.



felix
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Using HTTPS Everywhere to redirect to .onion
  - From: fortasse

Prev by Author: Re: [tor-talk] Ostel and WebRTC over Tor?
Next by Author: [tor-talk] Using HTTPS Everywhere to redirect to .onion
Previous by thread: Re: [tor-talk] Using HTTPS Everywhere to redirect to .onion
Next by thread: Re: [tor-talk] Using HTTPS Everywhere to redirect to .onion
Index(es):
- Author
- Thread