-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 I am not adding anything useful, but I wish to add my feeling about this situation that people are so rapidly responding to a threat so early.
:) tor will never die if people like you all are on it. (which reminds me i've blathered about writing a dns proxy patch for tor so dns leaks are a thing of the past, and i bloody better do something serious about it DANGIT!) dns poisoning is of course a bigger problem than tor, there has been discussion about the 'splitting of the root' some months ago as it turns out that dns servers will give out different addresses depending on the nation of locality. This is a very serious problem and extends beyond the domain of the tor network. I have no idea where to point people with regard to this subject but I hope someone who has a bee in their bonnet about it will very shortly. Claude LaFrenière wrote: > Hi *Alexander W. Janssen* : > >> Hi all, >> >> considering that I heard from several people that they notice strange >> sideeffects since a couple of days - altered webpage, advertisement where no >> ads should be - I started a little investigation if there are any obviously >> bogus exitnodes in the wild: >> >> http://itnomad.wordpress.com/2006/10/04/analyzing-tor-exitnodes-for-anomalies/ >> >> I welcome you to start your own investigation; if there are really bogus >> exitnodes we should be aware of those and we should know their node's >> nickname >> to put them on a shitlist. >> >> This might leed to an escalation in the future when marketeers realize the >> possibilities of altering traffic. >> >> Comments, ideas, pointers to other projects? >> >> Alex. > > Hmmm... Bogus exit nodes or bogus DNS servers ? > > Is it possible that the strange side effects comes, not from the exit nodes > themselves, but from the DNS server used by these exit nodes ? > > A kind of DNS poisonning? (From a local DNS server or Remote DNS server...) > Ref.: http://en.wikipedia.org/wiki/DNS_poisoning > > Our suspicions about "bogus exit nodes" must be based on facts > so I suggest to collect information about this issue here. > > What we can do is to report any "strange side effect" including: > > the link to the web site > the resulting link with the redirection like the ones we're talking about > the exit node used to access this web site > > > :) > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFJLAmGkOzwaes7JsRA508AJ0bN6BhDB86etVVlYPwk5/ae7a7GQCfRqZl KUW45IG2fHmy59wYA5bbA04= =usn6 -----END PGP SIGNATURE-----