[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
From: Allen <allenpmd@xxxxxxxxx>
Date: Wed, 4 May 2016 08:45:12 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 May 2016 08:45:23 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to; bh=m+gx7SdyuCkJJQd+aE8wJfZP9AVMSqu9OAGefxKka/0=; b=h3J6IOT5tOS0Y/dBljccLx2G3mIaqueXG/1s8LOnpITsVklO4wjmlg0HIPTmw/NSkO uVRzy7+5fVjLO5sKbJzhBjjAnqvKlJZbUM7/1RnZSllbgfq1ID5PuTmZm2JhCbxpdahI mipCVzfVSMtGr5WiFktkxmFsZ1Ib9qgBBZAbj7d8Wno727GC/xPnBkku9bOvRYzzMASI b8G9r0n1Zskx0h+BpZ6cly3Ns8kkLYZSMo1QaVSYhzAT9wKtlgrbPLt2jrDld4DJV0C8 GAZpinu8RCbYdNTz7XEspLcPpB/QpmQ6JP1LVmecXVKJRleW/QqIKU8juNfNH0zfwVmY fR+Q==
In-reply-to: <CAJ8LpWpTNxBvPqRut=ELX-XC2V60p8v0u5S7p+iRnE0Lu10M2A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAJ8LpWp_yr5KDSHKg0z72FL-s82QYNVaS9Ob5efzftViTqnA=Q@xxxxxxxxxxxxxx> <5729E33D.3080706@xxxxxxxxxxx> <CAJ8LpWpTNxBvPqRut=ELX-XC2V60p8v0u5S7p+iRnE0Lu10M2A@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> Are there any other explanations than MITM?

A software bug.  But given that your desired opsec is to be resistant to
MitM attacks, you should always perform the required authentication steps
regardless.  Note that in any reasonable software, you shouldn't have to
compare fingerprints every conversation--instead you should only have to do
this once and the software should then store some kind of credentials so it
can perform automated authentication.  If "Tor Messager" makes you check
fingerprints every time you start a fresh conversation, you might want to
look for another solution.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] MITM attack: How to see Tor Messenger's exit node?
  - From: Nurmi, Juha
- Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
  - From: Karsten N.
- Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
  - From: Nurmi, Juha

Prev by Author: Re: [tor-talk] ProtonMail
Next by Author: Re: [tor-talk] Proton Mail and Tutanota - not exactly Tor friendly.
Previous by thread: Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
Next by thread: Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
Index(es):
- Author
- Thread