[tbb-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 19 23:27:39 UTC 2017
#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner: tbb-
| team
Type: enhancement | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare |
Parent ID: #18361 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
HTTPS Cloudflare is MITMed.
HTTP Cloudflare is MITMed(proxied via company with zero TLS protection).
Cloduflare proxied websites must be blocked.
1) Block Cloudflare certificates as untrusted. Treat it as self-signed.
2) Block certificate if CN is "^(.*)\.cloudflaressl\.com".
3) Block if "CF-Cache-Status:" or "CF-RAY:" header is found in the
response.
If 1, 2, 3 is true | then | raise "Unsecure Connection" error.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list