Unfortunately I
cannot publish source codes because attackers can adapt own techniques
(though it would be very difficult).
Yummy. Security through obscurity. Let's hope the bad guys doesn't
find out. Or do they already know?..
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
- -BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On Sat, Jun 19, 2010 at 10:20:19PM +0100, Matthew wrote:
I am curious to know if there is a way of identifying bad exit
nodes? Do people who are more technical than me (not hard!) somehow
I dont think you are right.
There are two extremes when checking if two files are the same:
* Both files are exact byte copies - we are happy, because everything is clear
* Both files are absolutely different - we are also happy, because we
know that something is bad
But scanner which consider
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
- -BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On Sun, Jun 20, 2010 at 11:58:45PM +0200, slush wrote:
[snip]
There are two ways how to fight attackers:
a) Opensource scanner and beat them by spending months on scanner
improvements.
b)
This is especially dangerous if you are using Yahoo Mail, because evenif
you trust the person who sent you the document, your attachment will be
downloaded in plaintext (via http, not https). This means that the exit
node you use can replace or alter your document to unmask you (or worse,
Hello,
yes, there is a way how to detect corrupted/malicious node. I wrote
Tor exit node scanner with some advanced techniques (for example
clustering or source tree analysis) as my thesis last year. During
debugging and testing I checked all exit nodes with many common pages
(google, few news
6 matches
Mail list logo
