Rogue exit nodes - checking?
Matthew
pumpkin at cotse.net
Sat Jun 19 21:20:19 UTC 2010
This is especially dangerous if you are using Yahoo Mail, because evenif
you trust the person who sent you the document, your attachment will be
downloaded in plaintext (via http, not https). This means that the exit
node you use can replace or alter your document to unmask you (or worse,
exploit your document reader and run arbitrary code).
I am curious to know if there is a way of identifying "bad" exit nodes?
Do people who are more technical than me (not hard!) somehow search for
exit nodes with interesting configurations? Or, unless you use
StrictExitNodes and are confident of the honesty of the operator, are
you simply hoping the exit node owner is benign?
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list