Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by dcf):

 A guess: the web server has some kind of automated anti-abuse system, and
 when it decides that it doesn't want to serve a client, it serves a 302
 redirect instead of, say, a 403 Forbidden. The choice of FSB as a
 destination could be a kind of joke?

 It cannot be a Great Firewall–like TCP injection, because the connection
 is HTTPS (even with HSTS and HPKP). It has to be the remote server sending
 the redirect.

 comment:6 suggests the server is hacked—that's plausible if, say, there
 are 10 servers behind a load balancer and one of them is hacked. But that
 wouldn't explain why, in comment:7, non-Tor connections do not get the
 redirect. It seems more likely to me that it's some kind of attack
 detection, or something like that, on the server, and that Tor exits are
 more likely to be on the wrong side of the classification.

 Here is what the redirect response looks like (it's HTTP/2, so the header
 does not literally look like that, but it has the same meaning):
 {{{
 HTTP/2 302
 server: nginx
 date: Wed, 07 Mar 2018 19:38:45 GMT
 content-type: text/html
 location: http://fsb.ru//
 strict-transport-security: max-age=31536000; includeSubdomains; preload
 public-key-pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
 x-frame-options: SAMEORIGIN
 x-xss-protection: 1; mode=block

 
 302 Found
 
 302 Found
 nginx
 
 
 }}}

 I got this with `torsocks -i curl -D header https://psb4ukr.org | tee
 body`. As in comment:2, I had to try maybe about 10 times before getting
 the redirect rather than the actual web page.

 Interestingly, when I use wget rather than curl, I get the redirect every
 time. With `torsocks -i wget -S https://psb4ukr.org`:
 {{{
 Resolving psb4ukr.org (psb4ukr.org)... 158.69.100.131
 Connecting to psb4ukr.org (psb4ukr.org)|158.69.100.131|:443... connected.
 HTTP request sent, awaiting response...
   HTTP/1.1 302 Moved Temporarily
   Server: nginx
   Date: Wed, 07 Mar 2018 19:43:19 GMT
   Content-Type: text/html
   Transfer-Encoding: chunked
   Connection: keep-alive
   Location: http://fsb.ru//
   Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
   Public-Key-Pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
   X-Frame-Options: SAMEORIGIN
   X-XSS-Protection: 1; mode=block
 Location: http://fsb.ru// [following]
 }}}

 For comparison, here is what a non-redirected header looks like (notice
 the `server` is different):
 {{{
 HTTP/2 200
 date: Wed, 07 Mar 2018 19:34:56 GMT
 content-type: text/html; charset=UTF-8
 vary: Accept-Encoding
 vary: Accept-Encoding
 age: 16805
 server: NATO HPWS/3.0
 cache-control: piblic; max-age=900
 x-cache: HIT
 strict-transport-security: max-age=31536000; includeSubdomains; preload
 public-key-pins: pin-
 sha256="YNlv8uD4wQgJXGVEKa2RM0ItL2HRpGH+hWj3d45rVfk="; pin-
 sha256="pNFoaDvUW2YZ3wk540oPKyZy5JLjbyt+EO6lOhp2C5M="; pin-
 sha256="h3O7Czw4r8fXsxIT19BCQrmDRfsYLuXJ1CG7OiTWet8="; pin-
 sha256="GJvPuGTcBJ/0S0R2JFCAv1t9Rh1If4z7T/L7n/BXjdM="; pin-
 sha256="M/OFIZXw+4BOvCmzEtCCYr2R3CXGQirQD5MUKPQ4VGc="; max-age=15768000
 x-frame-options: SAMEORIGIN
 x-xss-protection: 1; mode=block

 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Replying to [comment:11 timur.davletshin]:
 > But there is one thing I still don't get — why do we get this redirect
 only in Tor?
 Maybe you hit a Russian exit node?

 In any case, to guarantee end-to-end authentication to make sure you're
 talking to the right server => use their onion service.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by timur.davletshin):

 Replying to [comment:9 cypherpunks]:
 > By the way you can use the following other methods to access it without
 redirect in the Tor Browser:
 >
 > 1) Go to `https://via.hypothes.is/https://psb4ukr.org`
 >
 > 2) a) Go to Wayback machine
 `https://web.archive.org/save/https://psb4ukr.org`
 >
 > 2) b) Go to Wayback machine onion
 `http://web.archivecaslytosk.onion/save/https://psb4ukr.org`
 >
 > 3) a) Go to archive.fo
 `https://archive.fo/?run=1=https://psb4ukr.org`
 >
 > 3) b) Go to archive.fo onion
 `http://archivecaslytosk.onion/?run=1=https://psb4ukr.org`
 >
 > 4) Use web proxies like `https://hidester.net/proxy` or
 `https://www.proxysite.com` or `https://hide.me/en/proxy` or
 `https://www.youtubeunblocks.com`
 >
 > 5) Search for psb4ukr.org in `https://searx.me` and click on the Proxy
 link in the search results

 Thanks for your recommendation.

 But there is one thing I still don't get — why do we get this redirect
 only in Tor?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 They even have an onion service of their own
 `http://psb4uklopi7ocb5l.onion` ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 By the way you can use the following other methods to access it without
 redirect in the Tor Browser:

 1) Go to `https://via.hypothes.is/https://psb4ukr.org`

 2) a) Go to Wayback machine
 `https://web.archive.org/save/https://psb4ukr.org`

 2) b) Go to Wayback machine onion
 `http://web.archivecaslytosk.onion/save/https://psb4ukr.org`

 3) a) Go to archive.fo `https://archive.fo/?run=1=https://psb4ukr.org`

 3) b) Go to archive.fo onion
 `http://archivecaslytosk.onion/?run=1=https://psb4ukr.org`

 4) Use web proxies like `https://hidester.net/proxy` or
 `https://www.proxysite.com` or `https://hide.me/en/proxy` or
 `https://www.youtubeunblocks.com`

 5) Search for psb4ukr.org in `https://searx.me` and click on the Proxy
 link in the search results

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+---
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by timur.davletshin):

 * status:  new => closed
 * resolution:   => not a bug


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:6 timur.davletshin]:
 > Replying to [comment:5 Dbryrtfbcbhgf]:
 > > Replying to [comment:4 timur.davletshin]:
 > > > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > > > Replying to [comment:2 timur.davletshin]:
 > > > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > > > Odd, even when I use the sites IP 158.69.100.131 I will still
 get the error if I keep creating a new circuit to that website.
 > > > > >
 > > > > > It does work for me 9 out of 10. But when I get redirected to
 FSB I start developing paranoia.
 > > > > I live outside of Russia and I'm still getting the message so I
 don't think you should be paranoid, lets see what the Tor Devs say.
 > > >
 > > > Do you get FSB redirect too?
 > > Yes I do, It does not happen immediately bug after I create many
 Circuits and the only way to solve it is to restart tor browser as you
 said above.
 >
 > Thanks a lot! So most likely it's not Tor's problem. Looks like FSB just
 hacked site they hate so much.
 Sure, When I visit the website using my Non-Tor connection I do not get
 the FSB redirect.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:5 Dbryrtfbcbhgf]:
 > Replying to [comment:4 timur.davletshin]:
 > > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > > Replying to [comment:2 timur.davletshin]:
 > > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > > Odd, even when I use the sites IP 158.69.100.131 I will still
 get the error if I keep creating a new circuit to that website.
 > > > >
 > > > > It does work for me 9 out of 10. But when I get redirected to FSB
 I start developing paranoia.
 > > > I live outside of Russia and I'm still getting the message so I
 don't think you should be paranoid, lets see what the Tor Devs say.
 > >
 > > Do you get FSB redirect too?
 > Yes I do, It does not happen immediately bug after I create many
 Circuits and the only way to solve it is to restart tor browser as you
 said above.

 Thanks a lot! So most likely it's not Tor's problem. Looks like FSB just
 hacked site they hate so much.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:4 timur.davletshin]:
 > Replying to [comment:3 Dbryrtfbcbhgf]:
 > > Replying to [comment:2 timur.davletshin]:
 > > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > > Odd, even when I use the sites IP 158.69.100.131 I will still get
 the error if I keep creating a new circuit to that website.
 > > >
 > > > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 > > I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.
 >
 > Do you get FSB redirect too?
 Yes I do, It does not happen immediately bug after I create many Circuits
 and the only way to solve it is to restart tor browser as you said above.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:3 Dbryrtfbcbhgf]:
 > Replying to [comment:2 timur.davletshin]:
 > > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > > Odd, even when I use the sites IP 158.69.100.131 I will still get
 the error if I keep creating a new circuit to that website.
 > >
 > > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 > I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.

 Do you get FSB redirect too?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:2 timur.davletshin]:
 > Replying to [comment:1 Dbryrtfbcbhgf]:
 > > Odd, even when I use the sites IP 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.
 >
 > It does work for me 9 out of 10. But when I get redirected to FSB I
 start developing paranoia.
 I live outside of Russia and I'm still getting the message so I don't
 think you should be paranoid, lets see what the Tor Devs say.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by timur.davletshin):

 Replying to [comment:1 Dbryrtfbcbhgf]:
 > Odd, even when I use the sites IP 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.

 It does work for me 9 out of 10. But when I get redirected to FSB I start
 developing paranoia.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by Dbryrtfbcbhgf):

 Odd, even when I use the sites ip 158.69.100.131 I will still get the
 error if I keep creating a new circuit to that website.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25445 [Core Tor/Tor]: Opening site in Tor Browser redirects to FSB

2018-03-07 Thread Tor Bug Tracker & Wiki 
#25445: Opening site in Tor Browser redirects to FSB
--+
 Reporter:  timur.davletshin  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by timur.davletshin):

 * Attachment "Untitled1.png" added.

 Site redirects to FSB

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs