Opened 8 years ago

Closed 8 years ago

#4415 closed defect (not a bug)

Tor SSL cert issue w/ TorBrowser and w/o TorBrowser

Reported by: cypherpunks Owned by: mikeperry
Priority: Medium Milestone:
Component: Company Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Just now when I tried to visit https://www.torproject.org/docs/documentation.html.en Aurora gave me an invalid cert warning (see link to screen shot). When I used the New Identity button via Vidalia and refreshed the page it loaded just fine. Sadly, I wasn't able to note the path (re exit node) I was using at the time ... it didn't dawn on me to note the exit until I had already used the New Identity button.

Could this me a MITM attack by rouge exit node? Or just a hiccup in data transfer?

I'm using Tor Browser v2.2.34_1

BTW, wouldn't that be TBB v0.2.2.34_1? Why does the download URL list the TBB version as > 0.n? I.e., https://www.torproject.org/dist/torbrowser/tor-browser-2.2.34-1_en-US.exe

Child Tickets

Attachments (2)

tor_cert_issue.jpg (268.2 KB) - added by cypherpunks 8 years ago.
Screenshot with time/date of SSL cert. warning
tor-blog-ssl.jpg (285.4 KB) - added by cypherpunks 8 years ago.

Download all attachments as: .zip

Change History (9)

Changed 8 years ago by cypherpunks

Attachment: tor_cert_issue.jpg added

Screenshot with time/date of SSL cert. warning

comment:1 Changed 8 years ago by phobos

This cert screenshot doesn't tell us much. Knowing the exit node and details of the cert presented to you would be valuable.

comment:2 Changed 8 years ago by phobos

Resolution: not a bug
Status: newclosed

closing. please re-open if it happens again.

Changed 8 years ago by cypherpunks

Attachment: tor-blog-ssl.jpg added

comment:3 Changed 8 years ago by cypherpunks

Resolution: not a bug
Status: closedreopened
Summary: Tor SSL cert issue w/TorBrowserTor SSL cert issue w/ TorBrowser and w/o TorBrowser

Hi.

It's me again. And I just got a SSL cert warning on Tor Blog. The Cert is for www.westtell.com, not for Tor. This time I was not using Tor, just my normal Internet DSL connection. I attached the new screenshot above this message, titled "tor-blog-ssl.jpg".

May I ask either of you to make an educated guess as to why Tor is having SSL cert issues? I am quite concerned about this considering the Tor SSL cert problem with the Dutch SSL cert authority some time ago.

comment:4 Changed 8 years ago by cypherpunks

Oh yea, what's really odd is I cannot accept the cert warning and visit Tor Blog. There is no option to accept the cert when using Firefox 8. That is very strange, I have never seen that before, i.e., being prevented for visiting a site due to lack of optoin to 'accept' the SSL cert.

Also, the cert warning lists the SSL cert for www.westtell.com as self-signed, and I'm pretty sure Tor Project does not use self singed certs.

I have tried to re-load the page many times and I keep getting the cert warning. However, I just tired again (at about 10:52 am east coast time) and I didn't get the cert warning, the blog loaded just fine.

I'm a knob when it comes to SSL certs and such, but this does seem to be quite alarming, as if someone has access to Tor certs and is attacking Tor Project somehow.

comment:5 Changed 8 years ago by cypherpunks

EDIT:

The SSL cert error listed the site www.westell.com, not www.westtell.com as I reported previously. See the screenshot I uploaded today.

comment:6 Changed 8 years ago by cypherpunks

I'm back again.

I just noticed my modem is Westell brand. And the fact the SSL cert error for Tor Blog was about www.westell.com seems more than a coincidence. I believe the original SSL cert error for Tor web site was also about www.westell.com. Can you please suggest why my modem appears to be fuc*ing with Tor SSL cert, but not any other SSL certs for *any* other SSL web site?

comment:7 Changed 8 years ago by mikeperry

Component: Tor BrowserCompany
Resolution: not a bug
Status: reopenedclosed

No idea. Probably just your router failing closed in weird way when your internet connection died.

Note: See TracTickets for help on using tickets.