[tbb-bugs] #24351 [Applications/Tor Browser]: Fuck Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 15 23:26:17 UTC 2018
#24351: Fuck Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner: tbb-
| team
Type: enhancement | Status:
| reopened
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Critical | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare |
Parent ID: #18361 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
> It is authorized by both websites owners (who have explicitly made staps
to use it),
> and website users (who agree with websites' ToS in order to use it)
Not all people read long TOS. You can find many people who didn't realize
how Cloudflare works in technical way, JUST LIKE YOU.
"And website users" is incorrect. Not all websites have TOS. For example,
this trac.torproject.org. Where's TOS? I didn't agree to anything!
Another problem is I did not allow Cloudflare to read anything. They are
silently standing between me and website owner, who signed up CF for FREE,
$0, COMODO HTTPS certificate.
WhatTheFuckEver, by Wikipedia's DEFINITION, this is clearly called "MITM
ATTACK".
Don't like it? Edit Wikipedia.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:63>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list