Delivery-Date: Mon, 30 Jun 2014 23:56:40 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 0A6DC1E0C74
	for <archiver@seul.org>; Mon, 30 Jun 2014 23:56:37 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0774B2E870;
	Tue,  1 Jul 2014 03:56:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 646A52F668
 for <tor-talk@lists.torproject.org>; Tue,  1 Jul 2014 03:51:49 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id juDEaFJVqTdP for <tor-talk@lists.torproject.org>;
 Tue,  1 Jul 2014 03:51:49 +0000 (UTC)
Received: from mail-ve0-x22e.google.com (mail-ve0-x22e.google.com
 [IPv6:2607:f8b0:400c:c01::22e])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 3DD282F3D9
 for <tor-talk@lists.torproject.org>; Tue,  1 Jul 2014 03:51:49 +0000 (UTC)
Received: by mail-ve0-f174.google.com with SMTP id jx11so9061392veb.19
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 20:51:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=O9mZntLY/HLjTvEQGHa+E+hvbKxb5MDbS7/Xa/w3yOY=;
 b=W7c3D/7dgqM9ptMm/+UFRYAcJmGKAL9Ko6xHjktHRG1bQ4rdn/zHiSIECc5AJWs0a/
 WY50ncez4IXamKQfwkFmsFdwuXOVNAuMHG6PW8Fy+B5djrnG51sfI2zhhBZ45k/7t5YY
 8cDx3Rnhzs2QfcxQaVrq+QS1IgvQ9MPdzSBxPWpuxssBPElLN8by0BFrqODTVyhu6EjN
 rsrvEmBKERzeV3DvfChogF13/DM+doMB63ElszQ6pbbBKzSetUW9+P2iHG/5rHOW4DiP
 1X85LGy9hFb0VqEhkEy5knLsCHRBE++Z4g0xeF+a3BOrbVxUKlZI9I0VKcODrgsVMg45
 OMfg==
MIME-Version: 1.0
X-Received: by 10.221.55.70 with SMTP id vx6mr25194602vcb.23.1404186706589;
 Mon, 30 Jun 2014 20:51:46 -0700 (PDT)
Received: by 10.221.65.198 with HTTP; Mon, 30 Jun 2014 20:51:46 -0700 (PDT)
In-Reply-To: <CADJYzxJW2CX2vVuTC-tz1cEF_1D+wc_nYWcpkzHu0m56AeEQxA@mail.gmail.com>
References: <CADJYzxJW2CX2vVuTC-tz1cEF_1D+wc_nYWcpkzHu0m56AeEQxA@mail.gmail.com>
Date: Mon, 30 Jun 2014 23:51:46 -0400
Message-ID: <CAD2Ti2-P61HLS+TOG5mF2JhfjQ1xUV1P8=UnY862J=e4tuAmRw@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Report of Pervasive Active MiTM Attack Against
	Hidden Services
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Mon, Jun 30, 2014 at 8:40 PM, Rich Jones <rich@openwatch.net> wrote:
> Has anybody responded to this claim yet?
> http://s7kgnncq3zbe3yza.onion/windex.shtml#mitm
>
> the traffic, unless this is actually a phishing-and-proxy attack and not a

It's entirely a userland link phishing to proxy game. It's been going on
for years. It's easily detectable, ultimately by timing alone. And
solveable entirely within onionland. No different than clearnet versions
of the same thing. There's nothing to respond to.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

