On Sat, Aug 14, 2010 at 12:19 PM, morphium <morph...@morphium.info> wrote: >> An "exit enclave" is when a service operates a Tor exit node with an >> exit policy permitting exiting to that service. Tor will automagically >> extend circuits built to that host from three hops to four, such that >> your traffic will exit on localhost of the service you are intending to >> use. This means that users will use DDG's node when building circuits >> that terminate at duckduckgo.com or whatever. > > Oh cool, so I declare my Tor exit node as an enclave for > emailProviderNotUsingHTTPS.com and can get a lot of passwords? > > Thats easy! > > I hope enclaves in that sense don't exist! I hope thats a > misunderstanding! Such a thing would be pretty bad!
Why don't you search the archives? The exit enclave functionality has been discussed many times. It only happens when the service the user is connecting to and the exit have the same IP. Moreover, the attack you're describing already exists— though I don't know if I should encourage people shove beans up their noses by going into the details here. *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/