>>> I can see it could provide some protection against...
>> No. Why do you think it could?
> - because by default - lots of additional reasons...
The shim was just supposed to be a tool so you could hook into
an http[s] stream and do whatever with it, or nothing at all.
For instance, I've always
On Mon, Aug 23, 2010 at 8:58 AM, morphium wrote:
>> I can see it could provide some
>> protection against ssl/ssh mitm attacks.
>
> No. Why do you think it could?
- because by default applications trust either a large, promiscuous
set of certificate authorities, or even worse, use the operating
s
> I can see it could provide some
> protection against ssl/ssh mitm attacks.
No. Why do you think it could?
> It could better protect the
> "browser" (or other app) by moving some of the ssl/tls/cert logic out to an
> open source proxy of sorts.
Protect? Of what? How?
> It could better protect
On Sat, Aug 21, 2010 at 6:18 PM, grarpamp wrote:
>
>
> Nothing in the open source field can do so yet afaik.
>
> To do it, a shim needs to be coded and placed between the application and
> Tor.
> user <-> browser <-> [optional tool] <-> shim <-> tor:9050
>
> The shim needs to listen on a proxy por
> > https://anonymous-proxy-servers.net/en/anontest
> As I understand it, Polipo can't scrub the headers of an HTTPS request,
Nothing in the open source field can do so yet afaik.
To do it, a shim needs to be coded and placed between the application and Tor.
user <-> browser <-> [optional tool]
5 matches
Mail list logo
