Could someone comment on why 15 exit nodes discovered to be sniffing and abusing login credentials have not been marked with the BAD EXIT flag?
The research appears to be legitimate, involved a good deal of effort, and seems credible:
https://chloe.re/2015/06/20/a-month-with-badonions/
was blogged by Sophos, also credible
https://nakedsecurity.sophos.com/2015/06/25/can-you-trust-tors-exit-nodes/
Is there an issue of trust w/r/t this security researcher? An issue of methodology and/or reproducibility? A shortage of resources to follow up? An investigation attempting to identify the operators?
The researcher writes that they received a polite reply from and was summarily ignored with no further comment. AND the exits continue to steal and abuse credentials. If true this would be contrary to the inclusiveness generally exhibited by the Tor Project.
IMO a likely password-stealing exit should be marked-first, questions asked later. If some kind of mix-up or mistake has occurred, a good operator should readily be able to defend themselves and not feel ruffled for it.