[tor-talk] MITM attack on TLS

mick mbm at rlogin.net
Sat Nov 21 22:36:49 UTC 2015


On Sat, 21 Nov 2015 16:56:12 -0500
Allen <allenpmd at gmail.com> allegedly wrote:

> >
> > > SSH is probably more dangerous than OBFS4 because it coulee be
> > > detected
> > with a DPI fingerprint.  They might question that.  I think Tor with
> > transports is good.
> >
> > On that paranioa level OBFS4 is as dangerous as SSH - it doesn't
> > matter if they see traffic they can fingerprint as ssh or they see
> > traffic they cannot fingerprint. They get suspicious in both cases.
> >
> >
> Personally, I would think SSH is much safer.  It is used by IT people
> all the time for server management, so they will understand it.  The
> destination address will be a cloud server, which you can simply say
> you are using for a personal project.  OBFS4 on the other hand is not
> normally used by IT people--it is used to get around IT people.  They
> will immediately be very suspicious if they are able to figure out the
> protocol.  And the destination IP address is who-knows-what, which
> could by itself raise questions and might even lead them to think a
> computer on their network could be infected with a virus that needs
> immediate investigation.  In the end, a protocol they know and
> understand and use in their own work will be much less threatening to
> them than something they don't.

To the OP (and others who may wish to try something similar) my strong
advice is "don't, just don't". I've been a network admin and sysadmin
on corporate systems. Unauthorised traffic on such a network /will/
attract attention, /will/ piss off the admins and almost /certainly
will/ result in disciplinary action including and up to summary
dismissal depending upon the terms of your contract.

Mick

---------------------------------------------------------------------

 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
 http://baldric.net

---------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20151121/d439f619/attachment.sig>


More information about the tor-talk mailing list