[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] onion routing MITM

To: Tor Talk <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] onion routing MITM
From: <populationsteamsir@xxxxxxxxxxxx>
Date: Tue, 26 Jan 2016 18:31:50 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 26 Jan 2016 13:32:07 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

I'm new to tor, trying to understand some stuff.

I understand the .onion TLD is not an officially recognized TLD, so it's not 
resolved by normal DNS servers. The FAQ seems to say that tor itself resolves 
these, not to an IP address, but to a hidden site somehow.

When I look at thehiddenwiki.org, I see a bunch of .onion sites, with random 
looking names. Why is this? What if someone at thehiddenwiki.org registered a 
new .onion site (for example http://somerandomletters.onion), which then 
relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)? 
Thehiddenwiki could give me the link http://somerandomletters.org, and of 
course I would never know the difference between that and 
http://3g2upl4pq6kufc4m.onion

Without trusting a CA to validate a site name, what prevents MITM attacks? Am 
I supposed to get the duckduckgo URL from a trusted friend of mine, and then 
always keep it?
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] onion routing MITM
  - From: a55deaba
- Re: [tor-talk] onion routing MITM
  - From: Coyo Stormcaller
- Re: [tor-talk] onion routing MITM
  - From: Seth David Schoen

Prev by Author: Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
Next by Author: Re: [tor-talk] onion routing MITM
Previous by thread: Re: [tor-talk] Warning: 37 new booby trapped onion sites
Next by thread: Re: [tor-talk] onion routing MITM
Index(es):
- Author
- Thread