>
> One thing I would really like help with is compiling a list of reasons for
> which nodes have been given the BadExit flag.
>
Hi John. Here's a couple more past discussions concerning bad exits:
JustaNode (ssl mitm?) -
http://www.mail-archive.com/or-talk@freehaven.net/msg11540.html
spacecowboy
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On Sat, May 15, 2010 at 11:58:44PM -0400, Roger Dingledine wrote:
> On Sat, May 15, 2010 at 06:37:54PM -0700, Damian Johnson wrote:
> > Hmmm... so we aren't interested in having a clearer definition of what makes
> > up a bad exit? From the follow
On Sat, May 15, 2010 at 06:37:54PM -0700, Damian Johnson wrote:
> Hmmm... so we aren't interested in having a clearer definition of what makes
> up a bad exit? From the following I thought this is something we were
> interested in John looking into:
>
> "On the bright side though, it's looking goo
Hmmm... so we aren't interested in having a clearer definition of what makes
up a bad exit? From the following I thought this is something we were
interested in John looking into:
"On the bright side though, it's looking good that we'll be able to get a
google summer of code student to revive Mike
Anders Andersson wrote:
The way
to do better at that one is to teach users and service providers about
end-to-end authentication and encryption.
From what I've seen I don't think there is any realistic hope for any
significant number of web pages to be served with end-to-end encryption (not
su
>> The way
>> to do better at that one is to teach users and service providers about
>> end-to-end authentication and encryption.
>
> From what I've seen I don't think there is any realistic hope for any
> significant number of web pages to be served with end-to-end encryption (not
> sure what your
Roger Dingledine wrote:
On Sat, May 01, 2010 at 02:55:53PM -0700, Damian Johnson wrote:
An easy place to start would be to solicit input on or-talk for a better
definition and enumerable attributes we can look for. Some obvious starting
ones would be ssl stripping, certificate tampering (check
On Sat, May 01, 2010 at 02:55:53PM -0700, Damian Johnson wrote:
> An easy place to start would be to solicit input on or-talk for a better
> definition and enumerable attributes we can look for. Some obvious starting
> ones would be ssl stripping, certificate tampering (checking for differences
> l
Hi there John - glad to have you working with Tor! We're really anxious to
see where you go with this project since, as exemplified by the recent
incident with PrivacyNow [0], we're currently pretty miserable about
noticing and flagging bad exits.
Unfortunately our definition of a bad exit is pret
On 05/01/10 00:15, John M. Schanck wrote:
[]
> I'm going to be working on improving the Snakes on a Tor (SoaT) exit
> scanner. For those of you not familiar with it, SoaT aims to detect
> malicious, misconfigured, or heavily censored exit nodes by comparing the
> results of queries fetched across t
Hi or-talk,
My name is John Schanck, I'm a third year CS student at Hampshire College,
and I'll be working with Tor this summer through Google Summer of Code.
First, let me say how excited I am to have this opportunity - I've been
following the Tor project for several years now and can think of no
11 matches
Mail list logo
