evil nodes
Chris Palmer
chris at eff.org
Wed Jun 1 23:29:48 UTC 2005
alexyz at uol.com.br writes:
> Is it possible for an exit node to inject malicious javascript code on
> http requests?
It's possible for any intermediary to modify content in any way. Is your
ISP trustworthy? What about the other 10 ISPs your web requests go
through?
There's no substitute for end-to-end integrity checking, such as that
provided by SSL.
--
http://www.eff.org/about/staff/#chris_palmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20050601/add856ae/attachment.pgp>
More information about the tor-talk
mailing list