[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

and not a single Tor hacker was surprised...

To: Kelly John Rose <[email protected]>
Subject: and not a single Tor hacker was surprised...
From: [email protected] (coderman)
Date: Wed, 22 Jan 2014 07:44:16 -0800
Cc: cpunks <[email protected]>
In-reply-to: <[email protected]>
References: <CAJVRA1R0_fvsd9jhQLYnOKU5L0ZGLXPAQOG_cPkZaKr32BL7-g@mail.gmail.com> <[email protected]>

On Wed, Jan 22, 2014 at 7:12 AM, Kelly John Rose <[email protected]> wrote:
> To verify though, this has no effect on someone using tor and staying on
> .onion sites or if you are using https end-to-end right?

correct.

> Honestly, if you use Tor and don't use SSL that seems like laziness to
> me and deserves to be caught.

i would agree, and i would also show some sympathy towards the
unsuspecting.  anything cypherpunks can do to ensure end to end crypto
everywhere by default is another MitM and eavesdropping attack
denied....

 (someone should write more about using client-side certificates as a
method to thwart SSL MitM with a CA signing transparent proxy
adversary upstream. aka BlueCoat with "enterprise certificate"
injected or private key pilfer.)

best regards,

Follow-Ups:
- and not a single Tor hacker was surprised...
  - From: [email protected] (rysiek)
- and not a single Tor hacker was surprised...
  - From: [email protected] (Guido Witmond)

References:
- and not a single Tor hacker was surprised...
  - From: [email protected] (coderman)
- and not a single Tor hacker was surprised...
  - From: [email protected] (Kelly John Rose)

Prev by Date: dear Eve,
Next by Date: SO... APPARENTLY THEY DECIDED TO TAKE THE INTERNET
Previous by thread: and not a single Tor hacker was surprised...
Next by thread: and not a single Tor hacker was surprised...
Index(es):
- Date
- Thread