[tor-bugs] #15951 [Tor]: FairPretender: Pretend as any hidden service in passive mode
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat May 9 17:31:10 UTC 2015
#15951: FairPretender: Pretend as any hidden service in passive mode
------------------------+-----------------------------------------
Reporter: twim | Owner: twim
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor | Version:
Resolution: | Keywords: tor, hs, descriptor, tor-hs
Actual Points: | Parent ID:
Points: |
------------------------+-----------------------------------------
Comment (by arma):
Replying to [comment:1 twim]:
> Roger (arma) have another idea how to fix it. Roger, please describe it
here.
I think the other idea was for the INTRO2 cell to specify what onion
address the user thought she was going to. Then hidden services can notice
when clients are visiting them but aren't using the right address.
That approach provides more defense-in-depth against future variations on
this issue. I think it's complementary to Nick's cross-certification plan.
I also agree with Yawning that fixing this particular variant of the issue
isn't super-urgent, since ultimately it requires tricking the user into
visiting the wrong address, which is going to be bad news for the user in
plenty of other ways too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15951#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list