[tor-talk] Exit nodes can redirect requests?

Nathaniel Suchy me at lunorian.is
Thu Aug 9 19:02:39 UTC 2018

It's quite possible for an exit node to act maliciously, HSTS+TLS is there
to protect you from that - there are some tests across the network to
detect bad exits, nothing automated is going to out-do a human analysis of
a specific exit though.

On Thu, Aug 9, 2018 at 2:47 PM Matthew Finkel <matthew.finkel at gmail.com>

> On Thu, Aug 09, 2018 at 08:14:03PM +0200, onionsmasher at tutanota.com wrote:
> >
> > So I was browsing some old clearnet forum posts using Tails and Tor
> browser. Some posts had embedded images from a Tor hidden site via
> onion.casa gateway. That gateway site seems to be inactive nowadays.
> > I refreshed the page a few times, and sometimes Tor browser was
> attempting to load something from the same site but using tor2web.xyz
> gateway instead.
> > I checked page source and didn't spot any references to tor2web.xyz.
> > So what happened?
> Without seeing the actual website, we can only guess what caused this.
> Did you have javascript enabled in Tor Browser? Maybe there was a
> javascript file that tries alternative tor2web gateways?
> >Can exit nodes redirect requests like this?
> It depends. In theory, yes, it could in this case. This would qualify
> the exit node as a bad relay, but in practice it could detect onion.casa
> is a dead website and it sent a HTTP redirect for tor2web.xyz.
> > I mean, if original request was to site.onion.casa/foo but it was
> redirected to site.tor2web.xyz/foo?
> > This was rather strange and I don't really understand what happened. I
> think it's very questionable if exit nodes do redirects like this. Is it
> even possible? What have I not noticed?
> It seems more likely this was a feature provided by the forum, but if
> the exit relay injected a redirect from onion.casa to tor2web.xyz then
> it is a good idea to find which relay this is and investigate it.
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

More information about the tor-talk mailing list