[tor-talk] MITM attack on TLS
Ivan Markin
twim at riseup.net
Fri Nov 20 22:33:59 UTC 2015
Justin Davis:
> Just to give more information, the
> attack will be done by having every network user install a root cert
> in our browsers.
Be twice (or more) careful if someone have access to your computer in
such way. They can even dump _anything_ that you're looking via Tor. For
instance, they can sniff SOCKS5 TBB<->tor connection.
In other case just delete malicious CA certs (if you have these
permissions).
--
Ivan Markin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20151120/082e1eba/attachment.sig>
More information about the tor-talk
mailing list