-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for your reply.
David Stainton wrote:
> Yes and no. HTTPS/Onion services prevent successful TCP injection attacks when the attacker doesn't know the key material... therefore to make this claim about HTTPS in general seems rather sketchy given that many CAs have been pwn'ed (and subpoena'ed?) in the past.
Haha, you're right! HTTPS key exchange is broke. Always a good laugh, though.
> TCP injection attacks are not the same as man-in-the-middle attacks... but rather are categorized as man-on-the-side. The difference is important because MoS is *much* cheaper for these various (not just NSA) entities to execute. MoS means you do not have to pwn a route endpoint at the site of your TCP injections... you can inject from almost anywhere as long as you can win the race.
>
> I will discuss this point in my write-up... and I will write a section specifically for Tor exit relay operators who are interested in using HoneyBadger.
What about the approach of detecting/preventing those attacks at the user endpoint? Like enforcing HTTPS connections (HTTPS-Everywhere) and prohibiting/announcing redirects.