undefined | Better HN

0 pointsthealig4y ago0 comments

the article talks about the research stumbling upon exit nodes performing MITM and other sniffing but does not refer to the exact details. is there a paper for this?

only found this paper going over systematic process of exposing bad relays - http://www.cs.kau.se/philwint/spoiled_onions/pets2014.pdf

0 comments

3 comments · 2 top-level

heavyset_go4y ago· 1 in thread

What research are you talking about? The article talks about at least two different researchers working on separate projects.

Here's the link for first one:https://web.archive.org/web/20150705184539/https://chloe.re/...

thealigOP4y ago

well, was referring to the research indicated by the title of the article- honeypot setup to detect malicious exit relays.

yes thats the one. interesting, seems they caught 15 unique relays harvesting logins. There seems to be scope to improve reporting and detection of malicious actors like this. They also have a block list on Tor's gitlab repo but doesn't seem to be up to date.

codsane4y ago

It’s not related to that particular article, but you might find this interesting, they write about a lot of similar research: https://nusenu.medium.com/tracking-one-year-of-malicious-tor...

j / k navigate · click thread line to collapse