SSL MITM attack by a Tor exit

Tom Hek tor at tomhek.nl
Sun Sep 6 21:17:33 UTC 2009

Previous message: Tor-ramdisk 20090821 released
Next message: SSL MITM attack by a Tor exit
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello everyone,

The Tor exit JustaNode (fingerprint:  
dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6, http://torstatus.blutmagie.de/router_detail.php?FP=dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6 
) does a MITM attack on every SSL connection. The SSL certificate is  
self signed for every SSL'ed website you want to request. I think this  
exit must be marked a BadExit.

- Tom

Previous message: Tor-ramdisk 20090821 released
Next message: SSL MITM attack by a Tor exit
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the tor-talk mailing list