Saturday, 17 January 2015

Can a malicious Tor exit node mount a HTTPS man-in-the-middle attack to see/modify your HTTPS traffic?



Let's say I am browsing the Internet using Tor - visiting http://ift.tt/1uz9aS2 - and the NSA is operating the Tor exit node which I am currently routed to use.


Can that NSA exit relay swap the HTTPS certificate with their own (and then assume that I accept it, either manually or automatically), capturing or modifying all traffic I receive and give to example.com - just like a proxy, your employer, or your ISP can?


Or is directly browsing a HTTPS site on Tor immune to such a 'malicious exit node' attack - and only unencrypted packets can ever be seen or modified by them?


(N.B. I use HTTP Nowhere to mitigate against vulnerabilities like sslstrip - so I am only talking about the specific scenario of an exit node replacing certificates on-the-fly to decrypt the traffic themselves, assuming again that I accept their certificate by whatever means that occurs.)




