[tbb-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 21 22:42:57 UTC 2017

#24351: Block Global Active Adversary Cloudflare
 Reporter:  nullius                              |          Owner:  tbb-
                                                 |  team
     Type:  enhancement                          |         Status:
                                                 |  reopened
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare                                     |
Parent ID:  #18361                               |         Points:
 Reviewer:                                       |        Sponsor:

Comment (by cypherpunks):

 Browser developer's ego incoming!

 > hugoncosta
 > Can anyone confirm if CDNs decrypt https traffic or just pass it along?

 > https://github.com/MoonchildProductions/Pale-
 > JustOff
 > Sorry, but this is utter nonsense.

 Why these people don't understand how CLoudflare works?
 They can't handle encrypted data. It must be decrypted to check data.

 Cloudflare decrypt the incoming data, test it, (collect it), then
 reencrypt and send to original server(if "Full mode" ssl).

 Now I hate Palemoon too. I'll tell this to other people. Ty Palemoon.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list