[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] onion routing MITM
26. Jan 2016 18:37 by a55deaba@xxxxxxxxx:
> A CA will not validate a '.onion' address since it's not an official TLD
> approved by ICANN.
I understand that.
> The numbers aren't random. From Wikipedia:Â
> "16-character alpha-semi-numeric hashes which are automatically generated
> based on a public key <> https://en.wikipedia.org/wiki/Public_key> > when a
> <> https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Hidden_services> >
I also know what asymmetric keys and hashes are.
The question is: From a user perspective, http://3g2upl4pq6kufc4m.onion just
looks like random characters. (And in fact, if it's a hash of a public key,
which was originally randomly generated, then indeed these *are* random
characters). You obviously don't want to memorize a domain name such as this,
and as a human, you're very bad at recognizing the difference between
http://3g2upl4pq6kufc4m.onion and http://xmh57jrzrnw6insl.onion
What prevents a person from registering a new .onion site, such as
http://laobeqkdrj7bz9pq.onion and then relaying all its traffic to
http://3g2upl4pq6kufc4m.onion, and trying to get people to believe that
*they* are actually the duckduckgo .onion site?
When you see a link like http://3g2upl4pq6kufc4m.onion somewhere on the web
(such as thehiddenwiki.org) why would you believe it's the real URL that
duckduckgo created, and not somebody doing a MITM?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to