
Thanks for your reply

David Stainton wrote:
Yes and no. HTTPS/Onion services prevent successful TCP injection attacks when the attacker doesn't know the key material... therefore to make this claim about HTTPS in general seems rather sketchy given that many CAs have been pwn'ed (and subpoena'ed?) in the past.
Haha, you're right! HTTPS key exchange is broke. Always a good laugh, though.
TCP injection attacks are not the same as man-in-the-middle attacks... but rather are categorized as man-on-the-side. The difference is important because MoS is *much* cheaper for these various (not just NSA) entities to execute. MoS means you do not have to pwn a route endpoint at the site of your TCP injections... you can inject from almost anywhere as long as you can win the race.
I will discuss this point in my write up... and I will write a section specifically for Tor exit relay operators who are interested in using HoneyBadger.
What about the approach of detecting/preventing those attacks at the user endpoint. Like enforcing HTTPS-connection (HTTPS-Everywhere) and prohibiting/announcing redirects.