[tor-talk] Convergence and Exit Nodes

krishna e bera keb at cyblings.on.ca
Tue Oct 8 13:27:40 UTC 2013

On 13-10-08 05:19 AM, Lunar wrote:
> Sean Alexandre:
>> In light of FoxAcid and the NSA hijacking traffic coming out of exit nodes [1],
>> I'm wondering about the possibilities for building counter measures into exit
>> nodes. To start it might be something as simple as bundling some type alternate
>> CA system such Convergence into exit nodes [2]. Have exit nodes compare what
>> they're seeing, and raise a flag if they see anything suspicious.
> We can't do that at the exit node level. This would mean snooping on the
> traffic relayed to perform extra verification. Even with good intents,
> looking at the traffic is a big no-no: legal protections given to exit
> node operators in most countries relies on not having knowledge of what
> goes through.

Don't "we" already run some sort of exit node checking tool that sends
sample traffic and verifies that it isnt changed.  For example

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 547 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131008/2caef515/attachment.sig>

More information about the tor-talk mailing list