Date: Fri, 24 Oct 2014 00:39:40 -0400
From: Roger Dingledine <arma@mit.edu>
To: tor-talk@lists.torproject.org, Josh.Pitts@leviathansecurity.com
Message-ID: <20141024043940.GM35796@moria.seul.org>
Subject: [tor-talk] Russian Tor exit relay messing with traffic

Hi Josh,

I tried to write this comment at the bottom of
http://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries/
but your comment system wouldn't let me write into the name and email
address boxes. So I've written it here.

"""
Thanks for the detailed analysis! We've now set the BadExit flag on
this relay, so others won't accidentally run across it. We certainly do
need more people thinking about more modules for the exitmap scanner. In
general, it seems like a tough arms race to play:
https://lists.torproject.org/pipermail/tor-talk/2014-July/034219.html
and as you say, the better approach is to have applications not blindly
trust unauthenticated bits they get from the Internet.

This discussion also reminds me of the very first misbehaving exit relay
we found:
https://lists.torproject.org/pipermail/tor-talk/2006-August/001766.html
It turned out to be a Tor relay in China that was getting attacked by
its ISP, and all the Tor users were just collateral damage from the ISP
attacking all its users. I think it is alas also hard to tell if this case
was a malicious Tor relay or an innocent Tor relay's malicious upstream.
"""

Thanks again for your help, and please let us know if we can be useful
to you in the future.

--Roger
