[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] MITM attack on TLS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] MITM attack on TLS
From: Justin <davisjustin002@xxxxxxxxx>
Date: Fri, 20 Nov 2015 17:15:13 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 20 Nov 2015 18:15:26 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=40wGCNQ9MTekHSiJCGEnx4vhheaqgHVGDwzwjJhw91Y=; b=FnaklzTlvgRxhpw7UiMdWxuXA3Rb7MBi+tXeMBTTWdkk/092aH8Syn9R8q/iy/X/Ju RSn3oPZOicWSSaD1Au2g/tLAdSpU/a+4qVy54d1qEHgdauLpqcS1Yc7AY4gc/y3f9vhU W7jE5m8xk8E2fC45ynfJ/evT4BrWmo7/GRzyKFRaINtLJ6mGhGaP1Zk+NABGb3SR5aAi xSJJI5n6u2kzM5Pe21VFI8rigg0Mm8mpsHcFyV6uH6X6DfRzSstDFZxl5H6hG4SBN8Oi MpTNuhvhMPnvi2rPhAWMjmez9OziKpVWYM50FXEqhTIOmeSZeJvoChu3W8fevj70N00R 6aqA==
In-reply-to: <564FA467.3060905@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAPjf7ZXsPCo2U0rXD2uXWsrxc5Do=9_1KUyY1JrU+gYztNdXbg@xxxxxxxxxxxxxx> <564F9FD7.3060803@xxxxxxxxxx> <AA7E7174-841B-4710-BFFA-0CE406F9F22F@xxxxxxxxx> <564FA467.3060905@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hello,
I think I will use OBFS4.  When it comes to the cert, I will probably have the option not to install it.  By the way if you want more security and you’re really in trouble you should Tails.
https://tails.boum.org
Read the documentation!

> On Nov 20, 2015, at 4:53 PM, Ivan Markin <twim@xxxxxxxxxx> wrote:
> 
> Justin:
>> Also, I have no option but to keep the cert because if I don’t the
>> filter may use DPI to block TLS for me.
> 
> Funny! I mean that you're already have no TLS, because actual TLS is
> terminated at your ITDep. You should remove these CAs - you have nothing
> to lose!
> When TLS is blocked (looks too problematically when it comes to the
> reasons of this censorship, but possible) try another Pluggable Transport.
> 
> -- 
> Ivan Markin
> 
> -- 
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] MITM attack on TLS
  - From: Justin Davis
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin
- Re: [tor-talk] MITM attack on TLS
  - From: Justin
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin

Prev by Author: Re: [tor-talk] MITM attack on TLS
Next by Author: Re: [tor-talk] MITM attack on TLS
Previous by thread: Re: [tor-talk] MITM attack on TLS
Next by thread: Re: [tor-talk] MITM attack on TLS
Index(es):
- Author
- Thread