[tor-talk] detecting harmful relays
Anders Andersson
pipatron at gmail.com
Wed Jun 1 20:10:54 UTC 2011
On Wed, Jun 1, 2011 at 1:46 PM, <andrew at torproject.org> wrote:
> On Wed, Jun 01, 2011 at 05:31:41AM +0000, kraktus at googlemail.com wrote 1.9K bytes in 45 lines about:
> : A few weeks ago, there was one that tried to give me a .bin file
> : whenever I tried to visit a non-SSL website, but I haven't had a
> : problem like that since. I always rejected the .bin file.
>
> I don't think this is a malicious relay, as I get these from time to
> time as well. It only happens with firefox and only when going through
> really busy exit relays. I think it's firefox misinterpreting a partial
> stream of data as a binary file.
Not to mention there are thousands of better and easier ways to run a
malicious relay than to replace everyones data with unnamed binary
downloads.
More information about the tor-talk
mailing list