From 46a82dbd1ba5a2162063e7e57e85159953208e03 Mon Sep 17 00:00:00 2001 From: Amolith Date: Fri, 24 May 2019 11:25:04 -0400 Subject: [PATCH] switch MiTM with MITM - #8 --- README.md | 10 +++++----- article.txt | 8 ++++---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index de6d246d..6528880d 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ --- -"The Great Cloudwall" is [CloudFlare](https://www.cloudflare.com/), the world's [largest](https://w3techs.com/technologies/history_overview/proxy) MiTM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)). +"The Great Cloudwall" is [CloudFlare](https://www.cloudflare.com/), the world's [largest](https://w3techs.com/technologies/history_overview/proxy) MITM proxy([reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy)). It sits between you and origin webserver, acting like a [border patrol agent](https://www.cbp.gov/careers/bpa). The origin webserver administrator allowed the agent to decide who can access to their "_web property_" and define "_restricted area_". Take a look at the second image posted below. You will think Cloudflare block _only_ attackers. It's not. @@ -196,14 +196,14 @@ Also see [Frequently Asked Questions](faq.md). * Add WTF-Cloudflare news to [NEWS.md](NEWS.md) -* Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.eu.org/) (this will help collecting Searxes' "MiTM domains") +* Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.eu.org/) (this will help collecting Searxes' "MITM domains") * Take a look at add-on code and try it | Name | Firefox | Chrome | | -------- | -------- | -------- | -| Block Cloudflare MiTM Attack | [Code](addon_firefox/bcma) | [Code](addon_chrome/bcma) | -| Are links vulnerable to MiTM? | [Code](addon_firefox/ismitmlink) | [Code](addon_chrome/ismitmlink) | +| Block Cloudflare MITM Attack | [Code](addon_firefox/bcma) | [Code](addon_chrome/bcma) | +| Are links vulnerable to MITM? | [Code](addon_firefox/ismitmlink) | [Code](addon_chrome/ismitmlink) | | Which website rejected me? | [Code](addon_firefox/whyrejectme) | [Code](addon_chrome/whyrejectme) | * Try & write new [Tool / Script](tool/) @@ -240,7 +240,7 @@ flagged for spam and will be deleted. See "List of services blocking Tor" for de # Who uses this list? * [Searxes](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) meta-search engine -* [Block Cloudflare MiTM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) add-on +* [Block Cloudflare MITM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) add-on * Some Browser Add-ons --- diff --git a/article.txt b/article.txt index a7a65608..e805d582 100644 --- a/article.txt +++ b/article.txt @@ -78,8 +78,8 @@ More important, though, is that it starts to form a ratchet for web browser tech "When you fetch a page from a website that is served from Cloudflare, JavaScript has been injected on-the-fly into that page by Cloudflare. And they also plant a cookie that brands your browser with a globally-unique ID. This happens even if the website is using SSL and shows a cute little padlock in your browser" [10] - Cloudflare tracks you -Even if your traffic is protected from onlookers, Cloudflare itself can see your traffic[6] because they are a MiTM[14][31]. -In addition, if Cloudflare[53] has intercepted your traffic(MiTM), so has the NSA[33]. +Even if your traffic is protected from onlookers, Cloudflare itself can see your traffic[6] because they are a MITM[14][31]. +In addition, if Cloudflare[53] has intercepted your traffic(MITM), so has the NSA[33]. "If a site uses Cloudflare, then the browser lock icon is a false promise."[14] "The short version, a rhetorical question: Would you trust a key escrow regime, in which an “authorized” entity was entrusted with the potential to decrypt all communications at will? If not, why would you trust a de facto mass decryption chokepoint at which many communications are actually decrypted?"[34] In other words, @@ -112,7 +112,7 @@ The next time a large group wakes up, millions of websites might be down (includ *Background : How Cloudflare threatens the web* -- Cloudflare is a MiTM for the whole web +- Cloudflare is a MITM for the whole web - As of 3 years ago 10% of the top 25,000 websites used Cloudflare[2] - A billion people in china are restricted by the Great Firewall[8]. Anyone who goes so far as to circumvent that must then deal with the "Great Cloudwall" for accessing the open internet. @@ -203,7 +203,7 @@ of problems that, if we don't solve them, something like Cloudflare is roughly i *Cloudflare DNS* -"DNS[50] is around, servers are insecure, proper end-to-end crypto isn't the norm hence MiTM goes unnoticed, anonymity is an edge case, routing lacks built-in resiliency to disruption, we're always going to have actors building a business model around cobbling together superficial, overapproximating mitigations."[20] +"DNS[50] is around, servers are insecure, proper end-to-end crypto isn't the norm hence MITM goes unnoticed, anonymity is an edge case, routing lacks built-in resiliency to disruption, we're always going to have actors building a business model around cobbling together superficial, overapproximating mitigations."[20] *Mozilla and Cloudflare*