Usually the Tor client runs on the same machine as the browser, so if you have a... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

icebraining on Oct 28, 2015 | parent | context | favorite | on: Onion names reserved by the IETF

Usually the Tor client runs on the same machine as the browser, so if you have a MITM, you probably already lost (e.g. the malware probably could have simply injected its own CA root cert into your browser).

unsignedint on Oct 29, 2015 [–]

It's somewhat of rhetorical, indeed. But it does give at least additional checks in the place. (Also potentially helps to prevent a certain class of vulnerability with hidden service, whether they are caused by a bug or attacks.)

Consider applying for YC's Summer 2025 batch! Applications are open till May 13
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact