[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor spying

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor spying
From: Mike Perry <mikeperry@xxxxxxxxxx>
Date: Thu, 8 Sep 2011 00:05:31 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 08 Sep 2011 03:05:47 -0400
In-reply-to: <20110908061942.363E96B684@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1315448481.61925.YahooMailClassic@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <201109072352.03111.andrew@xxxxxxxxxxxxxx> <20110908061942.363E96B684@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.2.2i

Thus spake Greg Kalitnikoff (kalitnikoff@xxxxxxxxxxxxxxxx):

> Andrew Lewman <andrew@xxxxxxxxxxxxxx> wrote:
> > Moxie is a smart guy, his answer to the CA issues, and therefore his own 
> > sslsniff/sslstrip attack is currently http://convergence.io/. I think Moxie's 
> > on the list, he can reply as well.
> 
> Do you consider including Convergence (or similar extension -
> Perspectives http://www.networknotary.org/firefox.html) to official
> TorBrowser? I think the idea of distributed notaries is something that
> ssl security would evolve to.

Yes. We haven't included Perspectives and related pre-Convergence
addons because the Firefox APIs are not sophisticated enough to notify
the user of SSL MITM before your browser sent authentication data. They
expect to improve them soon, but confusion still remains:
https://bugzilla.mozilla.org/show_bug.cgi?id=644640

IIRC, Moxie's Convergence bypasses the API problem by creating a
synthetic proxy that MITMs you and re-signs your HTTPS certificates as
either "good" or "bad" internally (after notary verification) to
prevent the authentication transmission. It also makes use of OpenSSL
functions for certificate inspection through js-ctypes, which adds a
little more complexity into the mix.

While functional, this approach needs to be reviewed and digested a
bit by the security community before we jump right on board and toss
it in. It will also require some testing and auditing to ensure it
properly behaves with Tor's proxy in all cases. 

We don't have to do this testing ourselves (indeed, it is not high
priority right now - we don't even have a trac ticket for it), but
we'd like an external audit to be well documented and thorough if we
were to rely on it. The audit should also be done with Tor Browser
Bundle.

AFAIK, Tor Browser Bundle users should be able to install his XPI and
use it now, but beware that doing so will reduce your anonymity set to
exit node observers (due to the presumably low adoption rate of
Convergence today).

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpsuZ2w11c2e.pgp
Description: PGP signature

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor spying
  - From: Indie Intel
- Re: [tor-talk] Tor spying
  - From: Andrew Lewman
- Re: [tor-talk] Tor spying
  - From: Greg Kalitnikoff

Prev by Author: Re: [tor-talk] Using public Wi-Fi for access
Next by Author: Re: [tor-talk] TBB 2.2.32 & Automatic Updates
Previous by thread: Re: [tor-talk] Tor spying
Next by thread: [tor-talk] Posting on BBS with the TBB
Index(es):
- Author
- Thread