[tor-talk] MITM attack on TLS
Ivan Markin
twim at riseup.net
Sat Nov 21 23:26:24 UTC 2015
Justin:
> I have calculated that he is probably too lazy to check his logs.
Dangerous! What will happen if they overcome their laziness?
If they already created CA cert and even deployed it in some way there
is no hope that laziest admin do not just save all the stuff you do (and
not MitM-ing TLS). They can and use it against you later.
> Even if Meek-Google is broken, I got more information from him that
> would indicate that he probably won’t MITM Meek-Amazon or Azure. If
> it does become dangerous, I will switch to one of those.
Does it matter which TLS to MitM if they have CA in your computer
already installed?
I recommend to switch now, meek doesn't work in this case as it's
supposed to. But it's all about your threat model and up to you.
--
Ivan Markin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20151121/285060d3/attachment.sig>
More information about the tor-talk
mailing list