On 13-10-08 05:19 AM, Lunar wrote: > Sean Alexandre: >> In light of FoxAcid and the NSA hijacking traffic coming out of exit nodes [1], >> I'm wondering about the possibilities for building counter measures into exit >> nodes. To start it might be something as simple as bundling some type alternate >> CA system such Convergence into exit nodes [2]. Have exit nodes compare what >> they're seeing, and raise a flag if they see anything suspicious. > > We can't do that at the exit node level. This would mean snooping on the > traffic relayed to perform extra verification. Even with good intents, > looking at the traffic is a big no-no: legal protections given to exit > node operators in most countries relies on not having knowledge of what > goes through. Don't "we" already run some sort of exit node checking tool that sends sample traffic and verifies that it isnt changed. For example http://www.mail-archive.com/or-talk@xxxxxxxxxxxxx/msg13364.html
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk