[tor-talk] The heartbleed bug, hidden service private_key leakages and IP revealing
unknown
unknown at pgpru.com
Sat Apr 12 09:00:15 UTC 2014
At first, the local interceptor can extract the private authentication key
from a heartbleeded guard. Then it can emulate a connection to the IP of this
guard (a substituted, faked MitM-ed version of the guard) for the targeted
users. Something like this can be done at any part of the Tor network for
MitM-ing and stripping connections between heartbleeded Tor nodes to extract
some parts of the information about routed circuits.
On Fri, 11 Apr 2014 18:28:36 -0400
Roger Dingledine <arma at mit.edu> wrote:
> For example, I think the SSL spec says that you shouldn't be able to ask
> for a heartbeat until the SSL handshake is finished, but I think OpenSSL
> lets you ask for a heartbeat during the SSL handshake. If so, that means
> any local network mitm attacker, not just your entry guard, can intercept
> your outgoing TCP connection and ask you for some heartbeats.
>
> --Roger
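Roger's point above (heartbeats that arrive before the TLS handshake has finished, which the spec does not allow but OpenSSL of that era accepted) suggests a concrete detection check for anyone monitoring the plaintext side of a link. The following is an added example written for this thread, not code from the list or from the Tor project: it splits a captured byte stream into TLS records, tracks whether the handshake has completed (ChangeCipherSpec followed by the encrypted Finished, tracked for one direction only as a simplifying assumption), and flags any heartbeat record seen before that point. For pre-handshake heartbeats, which are still plaintext, it also applies the bounds check the Heartbleed fix added (declared payload length plus the 3-byte header plus 16 bytes of minimum padding must fit in the record). The sample streams at the bottom are constructed for the demonstration.

```python
import struct

# TLS record content types (RFC 5246 / RFC 6520)
TLS_CHANGE_CIPHER_SPEC = 20
TLS_HANDSHAKE = 22
TLS_HEARTBEAT = 24
HEARTBEAT_REQUEST = 1

# heartbeat type (1) + payload_length (2) + minimum padding (16), per RFC 6520
HEARTBEAT_OVERHEAD = 1 + 2 + 16


def parse_records(data: bytes):
    """Split a byte stream into (content_type, version, body) TLS records.

    A truncated trailing record is dropped rather than guessed at.
    """
    records = []
    off = 0
    while off + 5 <= len(data):
        ctype, version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) < length:
            break
        records.append((ctype, version, body))
        off += 5 + length
    return records


def audit_stream(data: bytes):
    """Return a list of (record_index, finding) tuples for one direction of a TLS stream."""
    findings = []
    seen_ccs = False
    handshake_done = False
    for idx, (ctype, _version, body) in enumerate(parse_records(data)):
        if ctype == TLS_CHANGE_CIPHER_SPEC:
            seen_ccs = True
        elif ctype == TLS_HANDSHAKE and seen_ccs:
            # first handshake record after ChangeCipherSpec is the encrypted Finished
            handshake_done = True
        elif ctype == TLS_HEARTBEAT and not handshake_done:
            # the spec forbids heartbeats until the handshake completes
            findings.append((idx, "heartbeat before handshake finished"))
            # still plaintext here, so the Heartbleed length check can be applied
            if len(body) >= 3 and body[0] == HEARTBEAT_REQUEST:
                declared = struct.unpack("!H", body[1:3])[0]
                if declared + HEARTBEAT_OVERHEAD > len(body):
                    findings.append((idx, f"heartbeat request declares {declared} payload bytes "
                                          f"but the record only carries {len(body)} bytes"))
    return findings


def record(ctype: int, body: bytes, version: int = 0x0302) -> bytes:
    """Build one TLS record with the given content type and body (test helper)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body


# Constructed sample 1: a ClientHello followed immediately by a heartbeat
# request whose declared payload (0x4000 bytes) vastly exceeds the record.
EARLY_HEARTBEAT_STREAM = (
    record(TLS_HANDSHAKE, b"\x01" + b"\x00" * 10)
    + record(TLS_HEARTBEAT, b"\x01\x40\x00" + b"\x00" * 16)
)

# Constructed sample 2: a normal flow where the heartbeat arrives only after
# ChangeCipherSpec and Finished, i.e. under encryption, so it is not flagged.
NORMAL_STREAM = (
    record(TLS_HANDSHAKE, b"\x01" + b"\x00" * 10)
    + record(TLS_CHANGE_CIPHER_SPEC, b"\x01")
    + record(TLS_HANDSHAKE, b"\x00" * 40)
    + record(TLS_HEARTBEAT, b"\x00" * 23)
)

if __name__ == "__main__":
    for name, stream in (("early", EARLY_HEARTBEAT_STREAM), ("normal", NORMAL_STREAM)):
        print(name, audit_stream(stream))
```

Running the module prints two findings for the first stream (the heartbeat precedes the handshake, and its declared length does not fit the record) and none for the second. On a real capture only the plaintext pre-handshake records can be inspected this way; once the handshake completes, the record type is still visible but the body is not.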