client bug in and a new bad exit: exoassist

Scott Bennett bennett at
Mon Feb 1 04:36:11 UTC 2010

     On Sun, 31 Jan 2010 23:10:42 -0500 Flamsmark <flamsmark at>
>On 31 January 2010 21:58, Scott Bennett <bennett at> wrote:
>>     So it appears that a) there is a new tor client bug in
>> that
>> leaves the "exoassist.exit" in the name passed along from its SOCKS
>> listener
>> to the destination port.
>Isn't .exit deprecated because it's a potential vector for attack?
     Sure.  However, I don't see it as being useful for attack if the user
only uses it to test for bad exits.  IIRC, no simple replacement for that
purpose has yet appeared, so I have it allowed in my torrc for precisely
that purpose.  As long as the code exists and can be enabled via a torrc
option, then it should continue to work correctly.
     Nevertheless, "exoassist" is a bad exit and should be flagged as such.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
To unsubscribe, send an e-mail to majordomo at with
unsubscribe or-talk    in the body.

More information about the tor-talk mailing list