[tor-talk] facebookcorewwwi on brief hiatus
carlo von lynX
lynX at time.to.get.psyced.org
Fri Dec 13 11:53:21 UTC 2019
On Fri, Dec 13, 2019 at 11:29:34AM +0000, Alec Muffett wrote:
> tldr: new TLS certificate is stuck in the pipeline for a few days, because
> onion certificates are special and weird:
Onion certificates are an oxymoron. The onion address
is self-validating. It is a bug that web browsers apply
the logic of X.509 to Tor addresses - they shouldn't
check certificates at all, or at best pin down the
public key contained in the certificate.
But there's a bigger problem: Facebook has started
hosting and linking images and media on a clearnet
site. The effect is that new avenues for locating
Facebook users are introduced.
--
E-mail is public! Talk to me in private using encryption:
// http://loupsycedyglgamf.onion/LynX/
// irc://loupsycedyglgamf.onion:67/lynX
// https://psyced.org/LynX/
More information about the tor-talk
mailing list