[tor-talk] SIGAINT email service targeted by 70 bad exit nodes
Aymeric Vitte
vitteaymeric at gmail.com
Thu Apr 23 11:02:14 UTC 2015
Le 23/04/2015 06:08, Roger Dingledine a écrit :
>> >I know we could SSL sigaint.org, but if it is a state-actor they could just
>> >use one of their CAs and mill a key.
> This is not great logic. You're running a website without SSL, even though
> you know people are attacking you? Shouldn't your users be hassling you
> to give them better options?:)
>
> As you say, SSL is not perfect, but it does raise the bar a lot. That
> seems like the obvious next step for making your website safer for
> your users.
>
Yes, you should use SSL/TLS and you and/or your users run the very
excellent "interception detector" http://www.ianonym.com/intercept.html
Of course to be maximally efficient the tool should be installed on your
site and it should be modified not to change the proxy settings (and
then be compatible with the Tor browser, which unfortunately is
currently not the case), because if the mitm is not stupid it can see
that the destination IP in the socks message does not match your domain.
It can be tried with the secret "abcd" (abcd.sigaint.org)
--
Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
More information about the tor-talk
mailing list