[tor-dev] Rethinking Bad Exit Defences: Highlighting insecure and sensitive content in Tor Browser

grarpamp grarpamp at gmail.com
Sun Apr 2 07:23:55 UTC 2017

On Tue, Mar 28, 2017 at 11:31 AM, Donncha O'Cearbhaill
<donncha at donncha.is> wrote:
> The Tor bad-relay team regularly detects malicious exit relays which are
> actively manipulating Tor traffic. These attackers appear financial
> motivated and have primarily been observed modifying Bitcoin and onion
> address which are displayed on non-HTTPS web pages.
> Increasingly these attackers are becoming more selective in their
> targeting. Some attackers are only targeting a handful of pre-configured
> pages. As a result, we often rely on Tor users to report bad exits and
> the URLs which are being targeted.
> In Firefox 51, Mozilla started to highlight HTTP pages containing
> password form fields as insecure [1]. This UI clearly and directly
> highlights the risk involved in communicating sensitive data over HTTP.
> I'd like to investigate ways that we can extend a similar UI to Tor
> Browser which highlight Bitcoin and onion addressed served over HTTP. I
> understand that implementing this type of Bitcoin and onion address
> detection would be less reliable than Firefox's password field
> detection. However even if unreliable it could increase safety and
> increase user awareness about the risks of non-secure transports.
> There is certainly significant design work that needs to be done to
> implement this feature. For example, .onion origins need be treated as
> secure, but only if they don't included resources from non-secure
> origins. We would also need to make the onion/bitcoin address detection
> reliable against active obfuscation attempts by malicious exits.
> https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/

Search OnionGatherer on this list for ui stuff.

More information about the tor-dev mailing list