[TWN team] Recent changes to the wiki pages

Lunar lunar at torproject.org
Tue Jan 21 14:20:04 UTC 2014 

===========================================================================
==== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/3 ====
===========================================================================

version 43
Author: phw
Date:   2014-01-21T13:39:01+00:00

   Slightly extend/correct the "spoiled onions" section.

--- version 42
+++ version 43
@@ -90,29 +90,30 @@
 Unfortunately, as Philipp Winter and Stefan Lindskog wrote in the
 introduction of their new research project [12], “there are exceptions:
 in the past, some exit relays were documented to have sniffed [13] and
-tampered with relayed traffic [14]. The project, dubbed “spoiled
-onions” is meant to “monitoring all exit relays for several months in
+tampered with relayed traffic [14]”. The project, dubbed “spoiled
+onions”, is meant to “monitoring all exit relays for several months in
 order to expose, document, and thwart malicious or misconfigured
 relays”.
 
 The paper [15] gives more details on the modular scanning software [16]
-that has been developed. It details on how it can detect tampering on
-the HTTP, HTTPS, SSH, and DNS protocols. The paper also highlights that
-in some occasions, it's the relay ISP that is responsible for the attack
-despite of the good faith of the operator.
-
-The authors also describe a modification to the Tor Browser that can
-help to detect man-in-the-middle attacks: if the browser is unable
-to verify a certificate, it will automatically retrieve the
-certificate again using a different Tor exit node. If the certificates
-do not match, a warning is then issued informing the user that an attack
-might be happening and offering to notify the Tor Project.
-
-Philipp and Stefan's efforts have already identified 25 bad relays that
-have subsequently been marked as such by directory authority operators.
-Even if we wish the number of problematic relays to stay low, let's hope
-this will help to identify those who try to abuse Tor users as soon as
-possible in the future.
+that has been developed. It elaborates on how it can detect tampering
+with the HTTP, HTTPS, SSH, and DNS protocols. The paper also discusses
+that occasionally it's the relay's ISP that is responsible for an attack
+despite the operator's good faith.
+
+The authors also describe an extension to Torbutton that can help with
+detecting HTTPS man-in-the-middle attacks: if the browser is unable
+to verify a certificate, it will automatically retrieve the certificate
+again using a different Tor exit node. If the certificates do not match,
+a warning can then be issued informing the user that an attack might be
+happening and offering to notify the Tor Project. However, the extension
+is merely a proof of concept and not usable at this point.
+
+Philipp and Stefan's efforts have already identified 25 malicious and
+misconfigured relays that have subsequently been marked as such by the
+directory authority operators. We want the number of problematic relays
+to remain low, so let's hope that this will help with identifying those
+who try to attack Tor users in the future.
 
  [12] http://www.cs.kau.se/philwint/spoiled_onions/
  [13] http://www.cs.columbia.edu/~mikepo/papers/tordecoys.raid11.pdf



-- 
Your friendly TWN monitoring script

      In case of malfunction, please reach out for lunar at torproject.org
          or for the worst cases, tell weasel at torproject.org to kill me.

More information about the news-team mailing list