Rogue exit nodes - checking?

Matthew pumpkin at
Sat Jun 19 21:20:19 UTC 2010

This is especially dangerous if you are using Yahoo Mail, because evenif 
you trust the person who sent you the document, your attachment will be 
downloaded in plaintext (via http, not https). This means that the exit 
node you use can replace or alter your document to unmask you (or worse, 
exploit your document reader and run arbitrary code).

I am curious to know if there is a way of identifying "bad" exit nodes?  
Do people who are more technical than me (not hard!) somehow search for 
exit nodes with interesting configurations?  Or, unless you use 
StrictExitNodes and are confident of the honesty of the operator, are 
you simply hoping the exit node owner is benign?

To unsubscribe, send an e-mail to majordomo at with
unsubscribe or-talk    in the body.

More information about the tor-talk mailing list