Thus spake Christian Kellermann ([EMAIL PROTECTED]): > > May I say THIS IS A VERY SERIOUS ISSUE and needs to be investigated!!! > > This is the same issue with the rest of the internet. You > need to check your certificate on every connection attempt wether > through Tor or not. > > Moral issues aside, this is not more outrageous than other > misbehaving routers on the internet. What do you want to > investigate? Some tor operators sniff traffic and say so openly. If > you don't feel right about this exclude those nodes from your > circuits. > > Some people on this list have been discussing an automated check for > such things. I cannot remember the outcome though. Archives will > tell.
Yeah, I'm still working on it. Got blocked by holidays + having to review a large amount of Tor source code to do things properly. I'm trying to do some reliability checks as well for Tor nodes, so I've been slacking a little on scanning at the moment. Was hoping to get some hints from the tor devs, but they were probably similarly occupied with holiday matters. Probably best if I review all the source myself, but that is going to delay things considerably.. I should be able to get a simple exit scanner back up and running in the meantime though. -- Mike Perry Mad Computer Scientist fscked.org evil labs
