[tor-bugs] #2293 [EFF-HTTPS Everywhere]: detect man in the middle attack to https
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Jan 11 23:08:54 UTC 2011
#2293: detect man in the middle attack to https
-----------------------------------+----------------------------------------
Reporter: cyrano | Owner: pde
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Resolution: wontfix | Keywords:
Parent: |
-----------------------------------+----------------------------------------
Changes (by pde):
* status: new => closed
* resolution: => wontfix
Comment:
We've thought a lot about this problem, and we have some related projects
to try to address it (https://www.eff.org/observatory). Those may lead to
some code that gets added to HTTPS Everywhere, but it won't be able to
perform strong MITM detection, because nobody knows exactly how to do
that, and especially not how to do it without introducing false positive
warnings.
In the mean time, you may be interested in these Firefox extensions which
do offer some extra protections against man in the middle attacks:
http://patrol.psyced.org/
http://www.cs.cmu.edu/~perspectives/
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2293#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list