[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] onion routing MITM



I'm new to tor, trying to understand some stuff.

I understand the .onion TLD is not an officially recognized TLD, so it's not 
resolved by normal DNS servers. The FAQ seems to say that tor itself resolves 
these, not to an IP address, but to a hidden site somehow.

When I look at thehiddenwiki.org, I see a bunch of .onion sites, with random 
looking names. Why is this? What if someone at thehiddenwiki.org registered a 
new .onion site (for example http://somerandomletters.onion), which then 
relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)? 
Thehiddenwiki could give me the link http://somerandomletters.org, and of 
course I would never know the difference between that and 
http://3g2upl4pq6kufc4m.onion

Without trusting a CA to validate a site name, what prevents MITM attacks? Am 
I supposed to get the duckduckgo URL from a trusted friend of mine, and then 
always keep it?
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk