On 2009-02-09 Scott Bennett wrote: > Some time ago, a tor relay called "apple" appeared. "apple" was > found to be a crooked exit relay in that it was replacing the URLs of > its exiting traffic with URLs of the form > > https://kangnam.megapass.net:7003/index.html?sso=121.138.5.103&no=8403&origin=OriginalURL > > where "OriginalURL" was the URL requested by whatever tor client built > the circuit using "apple" as its exit relay. "apple" frequently > restarted under different IP addresses. Its perfidy was reported > here, and eventually [*ahem*] the directory authority operators > flagged it as a BADEXIT, so that tor clients around the globe would > avoid using "apple" as an exit. > "apple" disappeared after that for a time, but now it's back. It > still uses varying IP addresses, but has changed its private OR key, > perhaps to avoid recognition as a bad exit. Unfortunately, there is > no good way for the software to recognize a corrupt tor operator, but > it should be given a BADEXIT flag for its *name*, as well as its new > key, to force "apple"'s crooked operator to change his/her relay's > torrc file next time. It isn't much, but anything is a help.
Thank you for the explanation. Regards Ansgar Wiechers -- "The Mac OS X kernel should never panic because, when it does, it seriously inconveniences the user." --http://developer.apple.com/technotes/tn2004/tn2118.html