Thus spake morphium (morphium@xxxxxxxxxxxxx): > Hi, > > please BadExit the following nodes (for the same reason you badexit'ed > gatereloaded et al. - no valid contact info, they didn't explain their > exit policy to us, I suspect they are sniffing unencrypted Exit > traffic): > > TORy0 - 753e0b5922e34bf98f0d21cc08ea7d1adeee2f6b > TORy2 - f08f537d245a65d9c242359983718a19650a25f7 These are running a slightly modified default exit policy. They allow 443. They are fine by me. > st0nerhenge - c2f9d30118bebf3efee6d96252374082ca73c054 Funny you should mention this node. A researcher flagged it once in a test to detect sniffing, but was not able to reproduce it later. Maybe they just turned off their sniffer and got lucky :). There were also serious issues with the methodology though, and it may have been a bug in the scanning technique. However, at this point we are only going after nodes that carried unencrypted versions of both mail *and* web. The reason we did this was because another researcher actually detected another node that he *was* able to reproduce. It had this exact type of exit policy. It calls itself 'agitator'. When we found that sniffer, we looked for other exit policies similar to that one, and found the five here that caused so much controversy. We probably should have came out with all this earlier, but the researcher requested we keep their methodology secret until publication. It also needs some work in the reproducibility dept... At any rate, this node appears to (now?) carry 443. Did it's policy just change? > vivalarevolution - 29448afd5251b60a44fc79f4414423e7d026500d Same as Tory0. -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpv9ax1q8Oal.pgp
Description: PGP signature