[tor-dev] [Proposal] Obfuscating the Tor Browser Bundle initial download
Blake Hadley
moosehadley at gmail.com
Mon May 9 21:06:22 UTC 2016
> The environment you're were in was mounting a MITM attack to break TLS,
> or has compromised your box, because the only component of the URL that
> is visible otherwise is the host in the SNI field.
>
> In such an environment, gettor in general isn't unblockable because
> there is no privacy/security for the request/response messages.
>
> Regards,
>
> --
> Yawning Angel
Sorry, I'm not completely familiar with how TLS works.
The environment requires an HTTPS proxy to reach the World Web Web.
Do HTTP proxies inherently create a situation similar to MITM?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160509/fbaee89e/attachment.sig>
More information about the tor-dev
mailing list