[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Warning: 37 new booby trapped onion sites
-----BEGIN PGP SIGNED MESSAGE-----
> Is there anyway to somehow automate the process? (The developer in
> me coming out)
> I ask because this seems like something that you will be doing
> perpetually. Something like an algorithm that can compare
> percentage match of heuristics of a database of previous sites
> marked as fake against all new ones and then giving a trust score?
First way I did this was pretty simple: I compared my real ahmia
(msydqstlz2kzerdg.onion) to the fake one. I scanned them and detected
the difference. The fake ahmia changes URLs to point to fake services.
Now I have several clever methods to detect fake websites.
> I'd be happy to help write something in Python to do this & put on
> github, assuming I can get a decent sets of sample data to test
Thanks! Be free to do that. I can help :) Share your code and ideas.
> Or would putting it out there publically allow those creating the
> fake sites to up their game and change their tactics. Seems like
> this will always be a cat & mouse game.
Yes, that's why I am not describing all of my methods publicly. Please
note that the attacker is probably reading this mailing list.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to