[tbb-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 31 05:25:17 UTC 2017
#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner: tbb-
| team
Type: enhancement | Status:
| reopened
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare |
Parent ID: #18361 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
Discussion:
How do we implement this new function to "Tor Button"?
https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-
attack/
How about:
Tor Browser Security Settings
> Low (default)
Do nothing (as default description says).
Cloudflared websites will greet you captcha, and you are not sure the
website is
using Cloudflare or not.
> Medium
Cloudflare websites's title and favicon are changed, so the user can
notice it.
(from add-on's settings: "Don't show warning message; just change title
and favicon")
> High
Show a warning message on MiTMed websites.
User can create a whitelist, but it will be purged each time the user
click "New Identity"
or restart the Tor Browser.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list