[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor at heart of embassy passwords leak; "ToR isn't the problem, just use it for what it's made for."



BlueStar88 wrote:
> 
> I really do not know, if it can do MITM stuff and if my ISP has such a
> box already...

maybe we first should try to find a common understanding what MITM means. Is it breaking
encrypted sessions in realtime using fake SSL certificates for example, or does it simply
mean some kind of packet sniffing against unencrypted traffic? The latter can be done quite
easy by Government, ISP, or people running Tor exits like us. A real MITM cryptographic
attack will be much more difficult to accomplish.

What are we talking about?

regards, Olaf