On 11 May 2014 02:21, intrigeri <[email protected]> wrote: > > Hi, > > Sina S wrote (10 May 2014 16:15:17 GMT) : > > I just noticed the tails torrent tracker is using http. > > Nice catch. Care to try if the same tracker is listening HTTPS, and > perhaps ask [email protected] if unsure?
It's at least listening on 443, but unfortunately my torrent-foo is not strong enough to know how to test whether it actually will serve torrents. I tried to modify the .torrent file but it didn't work, looks like there is some binary data in the file? Don't you guys know all the cool kids are using magnet links these days? :P > > > Doesn't this leave users of the tracker vulnerable to man in the > > middle attacks? > > Yes, probably. Well, I verified my most recent download manually - no funky torrent sabotage was apparent - so that is good news at least I guess :P > > Cheers, > -- > intrigeri > | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc > | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc > _______________________________________________ > Tails-dev mailing list > [email protected] > https://mailman.boum.org/listinfo/tails-dev > To unsubscribe from this list, send an empty email to > [email protected]. _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
