Hints and Tips for Whistleblowers - their comments on Tor and SSL - I don't understand.

Wed Oct 27 19:00:57 UTC 2010

On Wed, Oct 27, 2010 at 11:49 AM, Jan Weiher <jan at buksy.de> wrote:
> ... I'm
> not aware of any negative impacts on privacy due to the usage of
> https://,

client certificates, although fortunately these are difficult to
leverage surreptitiously...

> ... but without, there is the danger of eavesdropping at the exit
> node.

this is definitely the riskiest aspect and why https is awesome when
used correctly. sadly, most https sites don't use https correctly.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/