[WikiEN-l] Editing with open proxies

Chris Howie cdhowie at nerdshack.com
Tue Jun 19 03:07:38 UTC 2007


zetawoof wrote:
> Most open web proxies don't support https. TOR does, but that still
> doesn't obviate the risk that the server could be spoofed by an exit node.
> The Wikimedia secure server is using a CACert key; on most web browsers,
> this generates a warning which is indistinguishable from the warning
> generated by an endpoint that's performing a man-in-the-middle attack.

That's a pretty well-disguised insult there.  (I'm assuming you did not mean it
as such.)

If someone knows how to use Tor, I would think they at least have a clue how to
verify a certificate.  The warning is only indistinguishable if you either
ignore it or are incredibly dense.  Your argument defeats itself.

> To be sure, this is a problem that could theoretically be solved (by
> getting a proper certificate for the secure server). However, it remains
> the case that editing Wikipedia through an untrusted connection is unsafe,
> especially for an admin.

This demonstrates a fundamental misunderstanding of how asymmetric cryptography
works.

-- 
Chris Howie
http://www.chrishowie.com
http://en.wikipedia.org/wiki/User:Crazycomputers

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d-(--) s:- a-->? C++(+++)$> UL++++ P++++$ L+++>++++ E---
W++ N o++ K? w--$ O M- V- PS--(---) PE++ Y+ PGP++ t+ 5? X-
R(+)>- tv-(--) b- DI+> D++ G>+++ e>++ h(--)>--- !r>+++ y->+++
------END GEEK CODE BLOCK------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.wikimedia.org/pipermail/wikien-l/attachments/20070618/8e649f8a/attachment.pgp 


More information about the WikiEN-l mailing list