[tor-bugs] #5477 [EFF-HTTPS Everywhere]: Critical security vulnerability is caused by HTTPS-Everywhere enabled
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Apr 17 02:29:26 UTC 2012
#5477: Critical security vulnerability is caused by HTTPS-Everywhere enabled
------------------------------------------------------+---------------------
Reporter: Drugoy | Owner: pde
Type: defect | Status: new
Priority: critical | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: address spoofing, critical vulnerability | Parent:
Points: | Actualpoints:
------------------------------------------------------+---------------------
Comment(by Drugoy):
tchevalier,
Obviously no one. The extension remains critically vulnerable and many
users don't even know about it.
3+ weeks have passed and it's still not fixed.
I think I will delete this extension at all, since while it is disabled it
has no use, and if it's enabled - then you can't be sure anymore that the
page you are viewing is the one you think it is.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5477#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list