Delivery-Date: Thu, 05 May 2016 09:32:05 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id BC3ED1E0435;
	Thu,  5 May 2016 09:32:03 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id D7DEA38FE1;
	Thu,  5 May 2016 13:31:59 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id D007638FA4
 for <tor-talk@lists.torproject.org>; Thu,  5 May 2016 13:31:56 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 9WQMxFB8jwsg for <tor-talk@lists.torproject.org>;
 Thu,  5 May 2016 13:31:56 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id AD68038935
 for <tor-talk@lists.torproject.org>; Thu,  5 May 2016 13:31:56 +0000 (UTC)
Received: from cotinga.riseup.net (unknown [10.0.1.164])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 24B041A262F
 for <tor-talk@lists.torproject.org>; Thu,  5 May 2016 13:31:54 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1462455114; bh=Nw/S1BGsK78TVqa+9XyCoMTXABuFeC6xQ9xiS97f4gk=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=WKDv/BtYl4JD7Zg2L/HV1XwpMrEkS4idXz1RAKRiJ9ik6klFaccxHA+xsILm6UfSR
 ghMcRc7wAGYi9x5Dvx6JcBCBn9yVPYT8RG1WGl9dil5P6MrzTMerdbP2x5plOGKE4/
 UXjacLfmxG5nFO3lcCP32yNir3u9HeRc/dal5tms=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: azadi) with ESMTPSA id A11E3400AC
Date: Thu, 5 May 2016 09:31:52 -0400
From: Sukhbir Singh <azadi@riseup.net>
To: tor-talk@lists.torproject.org
Message-ID: <20160505133152.GA3101@riseup.net>
Mail-Followup-To: tor-talk@lists.torproject.org
References: <CAJ8LpWp_yr5KDSHKg0z72FL-s82QYNVaS9Ob5efzftViTqnA=Q@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAJ8LpWp_yr5KDSHKg0z72FL-s82QYNVaS9Ob5efzftViTqnA=Q@mail.gmail.com>
X-Virus-Scanned: clamav-milter 0.99 at mx1.riseup.net
X-Virus-Status: Clean
Subject: Re: [tor-talk] MITM attack: How to see Tor Messenger's exit node?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

* Nurmi, Juha:

> Hi,
> 
> Yesterday, when I was using Tor Messenger, I detected that Off-the-Record
> Messaging fingerprints are not matching!
> 
> There seems to be a man-in-the-middle attack. The attacker probably is an
> exit node.
> 
> I was comparing public key fingerprints through a secure outside channel.
> 
> Is there a way to see the exit node that Tor messenger is currently using?
> I need this info to test the exit node and report it to Tor Project if it
> seems to perform this man-in-the-middle attack.

Not from the interface, but we do plan to support it:

    https://trac.torproject.org/projects/tor/ticket/10950

Also, we opened #18973 to track the issue of this possible authentication bug.
Let's carry the discussion there:

    https://trac.torproject.org/projects/tor/ticket/18973

-- 
Sukhbir
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

