[e-privacy] [force44 at Safe-mail.net: Warning about the TOR exit node "snailitper"]
Cyberiade.it Anonymous Remailer
anonymous at remailer.cyberiade.it
Sun Sep 2 02:52:22 CEST 2007
----- Forwarded message from force44 at Safe-mail.net -----
From: force44 at Safe-mail.net
Subject: Warning about the TOR exit node "snailitper"
Date: Sat, 1 Sep 2007 03:10:23 -0400
Reply-To: or-talk at freehaven.net
To: or-talk at freehaven.net
Hi!
I connect to safe-mail using secure POP (TLS on port 995), through
Tor.
I noticed today that my mail program warned me about an "unknown
certificate" on safe-mail. I checked and saw that the Tor exit node
"snailitper" (Thiensville, WI, US, IP Address: 66.191.122.19) tried to
change the certificate and send me another one.
The certificate used by snailitper was issued by a "Ciphire mail" on
Aug 4.
It seems to be a deliberate attempt to hack the connection as the
certificate shows:
Certificate S/N: B843DC85997AFD2CC6B92F5870096997A06024D230F624F4765892DF3C142DA1, algorithm: RSA (1024 bits),
issued from 19 May 2007 to 19 May 2008, for 1 host(s): mango.Safe-mail.net.
Owner: mango.Safe-mail.net, Domain Control Validated, mango.Safe-mail.net.
Issuer: Ciphire, Ciphire, Ciphire Mail.
The "issued" and "owner" fields let no doubt that it is a deliberate
forgery.
snailitper is now in my nodes blacklist.
F44
----- End forwarded message -----
More information about the E-privacy
mailing list