[tor-talk] MITM attack: How to see Tor Messenger's exit node?

Allen allenpmd at gmail.com
Wed May 4 12:45:12 UTC 2016

> Are there any other explanations than MITM?

A software bug.  But given that your desired opsec is to be resistant to
MitM attacks, you should always perform the required authentication steps
regardless.  Note that in any reasonable software, you shouldn't have to
compare fingerprints every conversation--instead you should only have to do
this once and the software should then store some kind of credentials so it
can perform automated authentication.  If "Tor Messager" makes you check
fingerprints every time you start a fresh conversation, you might want to
look for another solution.

More information about the tor-talk mailing list