Hacker News new | past | comments | ask | show | jobs | submit login

I can't even see this blog. See the screenshot at http://www.miketaylor.org.uk/tmp/tor-mitm.png

Transcription follows:


Cannot connect to the real torproject.org

Something is currently interfering with your secure connection to torproject.org.

Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.

If you were to visit torproject.org right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real torproject.org.

torproject.org has public-key pinning in Chrome, although without the "More" information I can't tell whether it's a pinning error or just that your ISP is blocking the site.

You can try running:

$ openssl s_client -connect blog.torproject.org:443 -showcerts > /tmp/log

to get the certificates that are coming back. You can copy and paste a "-----BEGIN CERTFICIATE-----" ... "-----END CERTIFICATE-----" block into `openssl x509 -text -noout` to get a dump.

I would guess that it's a self-signed certificate fronting a "sorry, this site is blocked" page.

You may want to disable your /tmp directory's files listing.

Thanks for the concern, but no worries -- that's open by design. Which isn't to say it couldn't use a bit of a tidy up.

Yes, ouch. Dude that's a lot of important-looking files.

So who could be carrying out a man-in-the-middle attack on the TOR project? It's pretty hard to think of candidates, isn't it?

Please name names. Rhetorical questions don't add to the discussion.

> Please name names?

Seriously? It's not _perfectly_ clear who I'm talking about?

It depends on the country. It could be Sky, or whoever does internet filtering in Australia, I forget who does that.

What ISP are you using?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact