following on from today's discussion

Matej Kovacic matej.kovacic at owca.info
Sat Aug 19 06:33:41 UTC 2006


A simple example of modifying traffic: 
http://www.schneier.com/blog/archives/2006/08/stealing_free_w.html
http://www.ex-parrot.com/~pete/upside-down-ternet.html

Could be easily applied to Tor exit point too.

However, sniffing is not a problem if you are visiting only public 
webistes (do not exchange any personal information), But traffic 
injection could be.

Remember Penet remailer? They were accused to help distribute child 
pornography. It was not true, and it was proved so later. But Penet 
admin decided to shut down the service anyway because of public preasure.
I am a little worried, that "someone" will try to destroy Tor network by 
  sniffing, injecting, downloading child pornography/hacking through Tor 
and doing other nasty things...

I was thinking about a solution to prevent traffic injection in 
non-encrypted public websites. What about having TWO conection open and 
do some kind of checking if the content is the same (maybe access the 
content from two different locations and do some MD5 check). I know the 
idea is hard to implement, since website can serve different content for 
each location or every second, and this could also mean double load of 
Tor network. But maybe someone will develop my idea into the usable 
form... If not, feel free to drop it away.

bye, Matej



More information about the tor-talk mailing list