[tor-talk] What is being detected to alert upon?
Allen
allenpmd at gmail.com
Fri May 1 14:41:03 UTC 2015
I didn't see an answer to this question, but I did compare the TLS Hello's
from Firefox and the Tor binary distributed by torproject.org and there are
lots of differences (see the two files attached), so I'm not sure this is
worth worrying about...
-----Original Message-----
From: Allen [mailto:allenpmd at gmail.com]
Sent: Thursday, April 30, 2015 5:49 PM
To: tor-talk at lists.torproject.org
Subject: RE: [tor-talk] What is being detected to alert upon?
> a connection to a Tor bridge looks kind of like regular TLS traffic.
Question: I recompiled OpenSSL to remove a bunch of features that look
unnecessary and might present a security risk, such as SSL2, SSL3 and DTLS.
(In case it matters, it is OpenSSL v1.0.2a and the specific configure
options are no-ssl2 no-ssl3 no-idea no-dtls no-psk no-srp no-dso no-npn
no-hw no-engines -DOPENSSL_NO_HEARTBEATS -DOPENSSL_USE_IPV6=0).
I'm using this rebuilt DLL with Tor. Does this compromise Tor's TLS
handshake so that it no longer looks like Firefox? If so, what so I need to
do to allow Tor to mimic Firefox's TLS handshake?
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Firefox TLS Hello.txt
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150501/ef47bd14/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Tor TLS Hello.txt
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150501/ef47bd14/attachment-0001.txt>
More information about the tor-talk
mailing list