[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: eliminating bogus port 43 exits



Hello, Jon!
You wrote to or-talk@xxxxxxxxxxxxx on Sat, 13 Jun 2009 13:48:49 -0600:

> I can not agree.  Sniffing the traffic at the exit node actually does
> jeopardize the reason people are using this software in the first place.

Every tor user should know that his/her traffic will definitely be sniffed
and/or modified by criminals. If user chooses to route sensitive traffic
through tor unencrypted or to ignore ssl certificate mismatch warnings
there is nothing ethical tor operators can do about it.

So the question is not about sniffing some traffic to gather statistics 
but whether the fuss about embassy passwords and pages like this:

  http://web.archive.org/web/20070308144554/http://tor.unixgu.ru/

(don't know whether they are whitehats or blackhats but it doesn't 
really matter) are enough to raise awareness or more radical measures
are required.

Playing devil's advocate but not that much,
Alexander Cherepanov