[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Why make bad-relays a closed mailing list?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Why make bad-relays a closed mailing list?
From: Philipp Winter <phw@xxxxxxxxx>
Date: Thu, 31 Jul 2014 17:15:28 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 31 Jul 2014 17:15:41 -0400
In-reply-to: <20140731205818.GU2152@sescenties.(null)>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Mail-followup-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
References: <53D980B1.9020009@xxxxxxxxxxxxx> <20140731002741.GB16023@xxxxxxxxx> <53DA9757.2050602@xxxxxxxxxxxxx> <20140731201233.GA23456@xxxxxxxxx> <20140731203519.GF8819@xxxxxxxxxxxxxx> <20140731205818.GU2152@sescenties.(null)>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Jul 31, 2014 at 01:58:18PM -0700, Seth David Schoen wrote:
> Roger Dingledine writes:
> 
> > But in this particular case I'm stuck, because the arms race is so
> > lopsidedly against us.
> > 
> > We can scan for whether exit relays handle certain websites poorly,
> > but if the list that we scan for is public, then exit relays can mess
> > with other websites and know they'll get away with it.
> 
> I think the remedy is ultimately HTTPS everywhere.  Then the problem
> is reduced to checking whether particular exits try to tamper with the
> reliability or capacity of flows to particular sites, or with the public
> keys that those sites present.  (And figuring out whether HTTPS and its
> implementations are cryptographically sound.)

It's not just about HTTP.  We've also seen attacks targeting SSH, SMTP,
IMAP, FTP, and XMPP.  While SSH's trust-on-first-use works reasonably
well and MitM attacks tend to be ineffective, XMPP is a different story
with at least one major client having had issues with authentication.

Cheers,
Philipp
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Why make bad-relays a closed mailing list?
  - From: Nusenu
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Philipp Winter
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Nusenu
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Philipp Winter
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Roger Dingledine
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Seth David Schoen

Prev by Author: Re: [tor-talk] Why make bad-relays a closed mailing list?
Next by Author: Re: [tor-talk] Does an Exit Node will be tagged with an "Exit" flag?
Previous by thread: Re: [tor-talk] Why make bad-relays a closed mailing list?
Next by thread: Re: [tor-talk] Why make bad-relays a closed mailing list?
Index(es):
- Author
- Thread