0
0
mirror of https://codeberg.org/crimeflare/cloudflare-tor synced 2024-11-13 21:02:40 +00:00

switch MiTM with MITM - #8

This commit is contained in:
Amolith 2019-05-24 11:25:04 -04:00
parent 88b04c754a
commit 46a82dbd1b
No known key found for this signature in database
GPG Key ID: 51FD40936DB0065B
2 changed files with 9 additions and 9 deletions

View File

@ -4,7 +4,7 @@
--- ---
"The Great Cloudwall" is [CloudFlare](https://www.cloudflare.com/), the world's [largest](https://w3techs.com/technologies/history_overview/proxy) MiTM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)). "The Great Cloudwall" is [CloudFlare](https://www.cloudflare.com/), the world's [largest](https://w3techs.com/technologies/history_overview/proxy) MITM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)).
It sits between you and origin webserver, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa). It sits between you and origin webserver, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa).
The origin webserver administrator allowed the agent to decide who can access to their "_web property_" and define "_restricted area_". The origin webserver administrator allowed the agent to decide who can access to their "_web property_" and define "_restricted area_".
Take a look at the second image posted below. You will think Cloudflare block _only_ attackers. It's not. Take a look at the second image posted below. You will think Cloudflare block _only_ attackers. It's not.
@ -196,14 +196,14 @@ Also see [Frequently Asked Questions](faq.md).
* Add WTF-Cloudflare news to [NEWS.md](NEWS.md) * Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
* Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.eu.org/) (this will help collecting Searxes' "MiTM domains") * Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.eu.org/) (this will help collecting Searxes' "MITM domains")
* Take a look at add-on code and try it * Take a look at add-on code and try it
| Name | Firefox | Chrome | | Name | Firefox | Chrome |
| -------- | -------- | -------- | | -------- | -------- | -------- |
| Block Cloudflare MiTM Attack | [Code](addon_firefox/bcma) | [Code](addon_chrome/bcma) | | Block Cloudflare MITM Attack | [Code](addon_firefox/bcma) | [Code](addon_chrome/bcma) |
| Are links vulnerable to MiTM? | [Code](addon_firefox/ismitmlink) | [Code](addon_chrome/ismitmlink) | | Are links vulnerable to MITM? | [Code](addon_firefox/ismitmlink) | [Code](addon_chrome/ismitmlink) |
| Which website rejected me? | [Code](addon_firefox/whyrejectme) | [Code](addon_chrome/whyrejectme) | | Which website rejected me? | [Code](addon_firefox/whyrejectme) | [Code](addon_chrome/whyrejectme) |
* Try & write new [Tool / Script](tool/) * Try & write new [Tool / Script](tool/)
@ -240,7 +240,7 @@ flagged for spam and will be deleted. See "List of services blocking Tor" for de
# Who uses this list? # Who uses this list?
* [Searxes](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) meta-search engine * [Searxes](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) meta-search engine
* [Block Cloudflare MiTM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) add-on * [Block Cloudflare MITM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) add-on
* Some Browser Add-ons * Some Browser Add-ons
--- ---

View File

@ -78,8 +78,8 @@ More important, though, is that it starts to form a ratchet for web browser tech
"When you fetch a page from a website that is served from Cloudflare, JavaScript has been injected on-the-fly into that page by Cloudflare. And they also plant a cookie that brands your browser with a globally-unique ID. This happens even if the website is using SSL and shows a cute little padlock in your browser" [10] "When you fetch a page from a website that is served from Cloudflare, JavaScript has been injected on-the-fly into that page by Cloudflare. And they also plant a cookie that brands your browser with a globally-unique ID. This happens even if the website is using SSL and shows a cute little padlock in your browser" [10]
- Cloudflare tracks you - Cloudflare tracks you
Even if your traffic is protected from onlookers, Cloudflare itself can see your traffic[6] because they are a MiTM[14][31]. Even if your traffic is protected from onlookers, Cloudflare itself can see your traffic[6] because they are a MITM[14][31].
In addition, if Cloudflare[53] has intercepted your traffic(MiTM), so has the NSA[33]. In addition, if Cloudflare[53] has intercepted your traffic(MITM), so has the NSA[33].
"If a site uses Cloudflare, then the browser lock icon is a false promise."[14] "If a site uses Cloudflare, then the browser lock icon is a false promise."[14]
"The short version, a rhetorical question: Would you trust a key escrow regime, in which an “authorized” entity was entrusted with the potential to decrypt all communications at will? If not, why would you trust a de facto mass decryption chokepoint at which many communications are actually decrypted?"[34] "The short version, a rhetorical question: Would you trust a key escrow regime, in which an “authorized” entity was entrusted with the potential to decrypt all communications at will? If not, why would you trust a de facto mass decryption chokepoint at which many communications are actually decrypted?"[34]
In other words, In other words,
@ -112,7 +112,7 @@ The next time a large group wakes up, millions of websites might be down (includ
*Background : How Cloudflare threatens the web* *Background : How Cloudflare threatens the web*
- Cloudflare is a MiTM for the whole web - Cloudflare is a MITM for the whole web
- As of 3 years ago 10% of the top 25,000 websites used Cloudflare[2] - As of 3 years ago 10% of the top 25,000 websites used Cloudflare[2]
- A billion people in china are restricted by the Great Firewall[8]. Anyone who goes so far as to circumvent that must then deal with the "Great Cloudwall" for accessing the open internet. - A billion people in china are restricted by the Great Firewall[8]. Anyone who goes so far as to circumvent that must then deal with the "Great Cloudwall" for accessing the open internet.
@ -203,7 +203,7 @@ of problems that, if we don't solve them, something like Cloudflare is roughly i
*Cloudflare DNS* *Cloudflare DNS*
"DNS[50] is around, servers are insecure, proper end-to-end crypto isn't the norm hence MiTM goes unnoticed, anonymity is an edge case, routing lacks built-in resiliency to disruption, we're always going to have actors building a business model around cobbling together superficial, overapproximating mitigations."[20] "DNS[50] is around, servers are insecure, proper end-to-end crypto isn't the norm hence MITM goes unnoticed, anonymity is an edge case, routing lacks built-in resiliency to disruption, we're always going to have actors building a business model around cobbling together superficial, overapproximating mitigations."[20]
*Mozilla and Cloudflare* *Mozilla and Cloudflare*