[tor-talk] Using HTTPS Everywhere to redirect to .onion
Felix Eckhofer
felix at tribut.de
Thu Feb 27 07:20:57 UTC 2014
Hey.
Am 27.02.2014 00:27, schrieb fortasse:
> My question is does this have more potential than being a weird
> (rather effective) hack? Could we make an "onion Everywhere" as it
> were to help solve the difficult-to-remember onion names? Or is this
> just another layer of confusion that further increases the barrier of
> entry on successful Tor use?
That seems like a dangerous idea. Anyone could easily set up a
transparent proxy behind a .onion domain. If I can convince your project
to include that .onion (which sounds easy given that most site owners
will not know about it) I now have active MITM capability against anyone
using that extension.
You would have to make it very clear that it is a censorship-resistance
tool, not a privacy tool.
felix
More information about the tor-talk
mailing list