Malicious Exit Nodes?

Sat Aug 6 00:13:34 UTC 2005

Thus spake Hideki Saito (hidekis at gmail.com):

> If it is AIM, you can type "1" when that message appears to force
> logoff people in other connection.

That may solve the problem of stolen messages after you log back in,
but what about while you are offline.

Is this "keeping a connection open" actually a property of Tor? Or is
it some bug? Or do we actually have rogue exit nodes operating here?

Should I make some effort to make a list of exits this happens for?

> 2005/8/4, Harry Hoffman <hhoffman at ip-solutions.net>:
> > Mike,
> > 
> > Yep, it happens quite frequently to me. I haven't been able to investigate
> > yet so I don't IM thru tor right now :-(
> > 
> > but remember that if someone wanted to they can steal your creds on their
> > exit node.
> > 
> > Cheers,
> > Harry
> > 
> > 
> > On Thu, 4 Aug 2005, Mike Perry wrote:
> > 
> > > Is anyone else experiencing issues with remaining logged on to AIM
> > > (specifically gaim) after signing off when using Tor? For some reason
> > > even after explicitly going to signoff, my screenname remains online
> > > and I lose IMs. When I go to sign on again I get the annoying "Your
> > > AIM account is being used in another location", sometimes even hours
> > > later.
> > >
> > > I don't really know the AIM protocol, but doesn't it log you out
> > > automatically normally as soon as the TCP connection dies? Perhaps Tor
> > > isn't properly terminating randomly dropped circuits? But what about
> > > when I deliberately go to signoff?
> > >
> > > This is obviously distressing, because what is to stop someone from
> > > say, intercepting and then dropping my logoff at an exit server and
> > > then keeping the connection alive to recieve copies of my IMs..
> > >
> > > --
> > > Mike Perry
> > > Mad Computer Scientist
> > > fscked.org evil labs
> > >
> > 
> 
> 
> -- 
> Hideki Saito mailto: hidekis at gmail.com

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs