[tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 10 08:07:47 UTC 2018
#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner: tbb-
| team
Type: enhancement | Status:
| reopened
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare |
Parent ID: #18361 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by akrey):
Cloudflare is not a man in the middle. Cloudflare is authorized to provide
the SSL termination for origin, by origin.
Do you say that tbb should block sites because their internal setup is
insecure (and yes, cloudflare ''is'' part of that 'internal setup')?
Should tbb also block sites that run on rented cloud machinery, because
they are inherently insecure, and subvertible by the hosting companies?
Should tbb also block google-analytics, for obvious reasons?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:56>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list