Yes and no. HTTPS/Onion services prevents successful TCP injection attacks when the attacker doesn't know the key material... therefore to make this claim about HTTPS in general seems rather sketchy given that many CA's have been pwn'ed (and subpoena'ed?) in the past.
TCP injection attacks are not the same as man-in-the-middle attacks... but rather are categorized as man-on-the-side. The difference is important because MoS is *much* cheaper for these various (not just NSA) entities to execute. MoS means you do not have to pwn a route endpoint at the site of your TCP injections... you can inject from almost anywhere as long as you can win the race.
I will discuss this point in my write up... and I will write a section specifically for Tor exit relay operators who are interested in using HoneyBadger.
On Wed, Apr 22, 2015 at 10:16 PM, janulrich andi@michlaustderaffe.de wrote:
hi,
Am 22.04.2015 um 20:41 schrieb David Stainton:
Did you all see this Wired article about Quantum Insert detection?
https://www.wired.com/2015/04/researchers-uncover-method-detect-nsa-quantum-...
proof me wrong but wouldn't the use of a HTTPS/OnionAddress render this attack usesless?
Whats up with the title "researchers uncover method"? Like this would be anything new? Basically it's the concept of a MITM attack which is a serious threat[1] as old as telecommunication itself. The only working solution is end to end encrypted communication. So why use inefficient and vulnerable "detection tools" to spy on tor users?
humble opinion of a barely frightened tor user.
[1]: Remark: There are sufficient opportunities for MITM attacks. (There are still guys out there surfing the web via GSM -broken crypto- on their mobiles.) _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays