[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: SSL MITM attack by a Tor exit
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: SSL MITM attack by a Tor exit
- From: Quertyf <quertyf@xxxxxxxxx>
- Date: Sun, 6 Sep 2009 23:22:04 +0200
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 06 Sep 2009 17:27:38 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=4ZWRQWRswt13CWHnlbM0mpYHss+vvB3vOMdiX7igj/g=; b=di/wEJdb7vgIeTyOCOEMGkusWhN+6UEBNP81bIYcRldzkB0WrpSaKXOErtEsHvgkIk dfdorhK3HQd3FfmPT/JYaDQZ8bkjOUMKqw+9Y7zMgFMzqgOZ03k5t+1EkdjO8zKxBXX4 v9WECyljopUhVE0+vPDsez2kJiKzhs0uj0xxc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=AzoUsn2pio0NQH/xsnt4y8prguZMzXqOTVLjKtQB+r3ymf66f+vtTxgVuyMJMgrJhS zBSTbBszj7cGlC1fwckQ6rq7kldoXDM2wrEluvnHI7OFjATrkgKyX7oECtB+EKLX3pnx jjxKBRyfilnYQVedRnNt9f76LFj4s0RJlZv24=
- In-reply-to: <47260791-25AD-47E3-8BA7-EFE5072A6730@xxxxxxxxx>
- References: <47260791-25AD-47E3-8BA7-EFE5072A6730@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Some interesting information about the self signed certificate:
CN: Finjan.com
OU: Vital Security
E: salesis@xxxxxxxxxx
L: Netanya
ST: Sharon
C: IL
On 9/6/09, Tom Hek <tor@xxxxxxxxx> wrote:
> Hello everyone,
>
> The Tor exit JustaNode (fingerprint:
> dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6,
> http://torstatus.blutmagie.de/router_detail.php?FP=dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6
> ) does a MITM attack on every SSL connection. The SSL certificate is
> self signed for every SSL'ed website you want to request. I think this
> exit must be marked a BadExit.
>
> - Tom
>