Topic: SSL certificates are changing on Bitcoin websites (Read 2163 times)
Running a hidden service doesn't stop DoS attacks. If anything it makes them harder to stop because you can't block connections on Tor anywhere near as easily as with regular web sites (no IP address blocking).
Obviously you are being MITM attacked by the government for participating in a subversive p2p network currency.
You think you're joking but that's exactly what's happening lol
http://exiledonline.com/isucker-big-brother-internet-culture/
Quote
...CloudFlare’s CEO Matthew Prince made a weird, glib admission that he decided to start the company only after the Department of Homeland Security gave him a call in 2007 and suggested he take the technology behind Project Honey Pot one step further…
+1 CloudFlare the ultimate man in the middle attack and people don't even seem to care ...
Edit:
This reminded me of following article written in 2009, it seems like all the concerns they had where valid and have or are becoming the main issue with freedom on the internet.
Quote from: Can we reinvent the internet ?
They are concerned that control could be shifting from the edges of the Internet toward the service providers at the center, which would allow the providers to have “gatekeeper” capacity and would contradict the Internet's “end-to-end” principle
http://www.sciencemag.org/content/325/5939/396.short 
Code:
apt-get install tor
apt-get install ettercap
apt-get install ettercap
Ettercap is a program that allows you to perform a man in the middle attack. It can do so by redirecting traffic or if you already are the gateway(such as with tor) then it can perform the attack wouthout needing to reroute.
It is capable of generating an ssl certificate on the fly and attempt to get you to connect to them. This will cause a browser warning that something is fishy, many ignore it.
I would not be suprised if someone was running a tor node just to attempt to steal wallet passwords.
Because those of us not doing anything illegal and not being overly paranoid(*) think that using TOR is inconvenient and slow.
(*) And that may be a significant fraction of all bitcointers.
Then people who don't want it wouldn't need to use the hidden service, but those who don't trust cloudflare would have an alternative.(*) And that may be a significant fraction of all bitcointers.
You don't need to have a website behind Tor in order to use Tor to access it and protect yourself as far as I understand it..
All other things being equal a hidden service is safer, and sometimes faster, than using Tor to browse a regular web site. Traffic between your computer and a hidden service doesn't leave the internal Tor network so you aren't exposed to potentially malicious and/or congested exit nodes and (most importantly) it's impossible for an intermediate node to perform a MITM attack.eg. Install Tor (apt-get install tor), add a web server cfg to listen on some localhost port and edit the line in the torrc file to associate the hidden service dir with local port. Restart Tor.
But also, if they're using cloudflare to spread load (and I don't know if that's the reason) then I guess handling some small portion of traffic via the local Tor proxy may be seen as hindering that.
Because those of us not doing anything illegal and not being overly paranoid(*) think that using TOR is inconvenient and slow.
(*) And that may be a significant fraction of all bitcointers.
Then people who don't want it wouldn't need to use the hidden service, but those who don't trust cloudflare would have an alternative.(*) And that may be a significant fraction of all bitcointers.
You don't need to have a website behind Tor in order to use Tor to access it and protect yourself as far as I understand it..
All other things being equal a hidden service is safer, and sometimes faster, than using Tor to browse a regular web site. Traffic between your computer and a hidden service doesn't leave the internal Tor network so you aren't exposed to potentially malicious and/or congested exit nodes and (most importantly) it's impossible for an intermediate node to perform a MITM attack. 
The SAN field on the certificate for bitcoin.de is pretty interesting:
Or maybe not, maybe they need to be able to read the traffic in order to be able to filter out ddos attacks..
DNS Name=ssl2669.cloudflare.com
DNS Name=*.ukashvip.com
DNS Name=ukashvip.com
DNS Name=bookmakers.com.au
DNS Name=*.calendars.com
DNS Name=calendars.com
DNS Name=subeta.net
DNS Name=*.subeta.net
DNS Name=*.goldenarium.com
DNS Name=*.hellocq.com
DNS Name=*.bookmakers.com.au
DNS Name=*.pcbooster.com
DNS Name=*.hosthack.com
DNS Name=hosthack.com
DNS Name=*.aitec.ee
DNS Name=greenpolkadotbox.com
DNS Name=pcbooster.com
DNS Name=goldenarium.com
DNS Name=testwanda.com
DNS Name=bitinstant.com
DNS Name=*.testwanda.com
DNS Name=bitcoin.de
DNS Name=*.bitcoin.de
DNS Name=president.gov.ph
DNS Name=*.greenpolkadotbox.com
DNS Name=aitec.ee
DNS Name=*.president.gov.ph
DNS Name=*.bitinstant.com
DNS Name=hellocq.com
DNS Name=*.tangostress.info
DNS Name=tangostress.info
Or maybe not, maybe they need to be able to read the traffic in order to be able to filter out ddos attacks..
DNS Name=ssl2669.cloudflare.com
DNS Name=*.ukashvip.com
DNS Name=ukashvip.com
DNS Name=bookmakers.com.au
DNS Name=*.calendars.com
DNS Name=calendars.com
DNS Name=subeta.net
DNS Name=*.subeta.net
DNS Name=*.goldenarium.com
DNS Name=*.hellocq.com
DNS Name=*.bookmakers.com.au
DNS Name=*.pcbooster.com
DNS Name=*.hosthack.com
DNS Name=hosthack.com
DNS Name=*.aitec.ee
DNS Name=greenpolkadotbox.com
DNS Name=pcbooster.com
DNS Name=goldenarium.com
DNS Name=testwanda.com
DNS Name=bitinstant.com
DNS Name=*.testwanda.com
DNS Name=bitcoin.de
DNS Name=*.bitcoin.de
DNS Name=president.gov.ph
DNS Name=*.greenpolkadotbox.com
DNS Name=aitec.ee
DNS Name=*.president.gov.ph
DNS Name=*.bitinstant.com
DNS Name=hellocq.com
DNS Name=*.tangostress.info
DNS Name=tangostress.info
I still don't understand why all bitcoin-related websites don't make access via a hidden service a standard feature.
Because those of us not doing anything illegal and not being overly paranoid(*) think that using TOR is inconvenient and slow. (*) And that may be a significant fraction of all bitcointers.
You don't need to have a website behind Tor in order to use Tor to access it and protect yourself as far as I understand it..
I still don't understand why all bitcoin-related websites don't make access via a hidden service a standard feature.
Because those of us not doing anything illegal and not being overly paranoid(*) think that using TOR is inconvenient and slow. (*) And that may be a significant fraction of all bitcointers.
Cloudflare is a US entity, and as such subject to the US PATRIOT act. Making the Web insecure pushes more people towards cloudflare, which in turn provides more opportunities for massive data surveilance by the US government. Imagine the reaction if Chinese government was trying to route as much traffic as possible through Chinese-operated infrastructure...
I still don't understand why all bitcoin-related websites don't make access via a hidden service a standard feature. 
It seems they moved to cloudflare, possibly due to ddos or similar problems. Nothing alarming. What psy pointed out is interesting, though. Cloudflare is a US entity, and as such subject to the US PATRIOT act. Making the Web insecure pushes more people towards cloudflare, which in turn provides more opportunities for massive data surveilance by the US government. Imagine the reaction if Chinese government was trying to route as much traffic as possible through Chinese-operated infrastructure...
There are known trojan's in the wild now infecting chrome on MS. Cert signature errors are a very common sign.
Obviously you are being MITM attacked by the government for participating in a subversive p2p network currency.
You think you're joking but that's exactly what's happening lol
http://exiledonline.com/isucker-big-brother-internet-culture/
Quote
...CloudFlare’s CEO Matthew Prince made a weird, glib admission that he decided to start the company only after the Department of Homeland Security gave him a call in 2007 and suggested he take the technology behind Project Honey Pot one step further…
damn lol
Obviously you are being MITM attacked by the government for participating in a subversive p2p network currency.
You think you're joking but that's exactly what's happening lol
http://exiledonline.com/isucker-big-brother-internet-culture/
Quote
...CloudFlare’s CEO Matthew Prince made a weird, glib admission that he decided to start the company only after the Department of Homeland Security gave him a call in 2007 and suggested he take the technology behind Project Honey Pot one step further…
Obviously you are being MITM attacked by the government for participating in a subversive p2p network currency.
You should sound the alarm, because if indeed that were the case, this would not be too late anyway. /sarcasm
SSL key changes are routine. If you trust the PKI, then it's fine. If you don't trust the PKI, it wasn't fine before anyway.
You should sound the alarm, because if indeed that were the case, this would not be too late anyway. /sarcasm
SSL key changes are routine. If you trust the PKI, then it's fine. If you don't trust the PKI, it wasn't fine before anyway.
Recently, bitcoin.de changed its SSL certificate (twice), while the old one wasn't expired yet. Also, the certificate authority changed. bitcoin.de now seems to be some kind of alias(?) of ssl2669.cloudflare.com, and Certificate Patrol shows it like:
- GlobalSign Root CA
- GlobalSign Organization Validation CA - G2
- ssl2669.cloudflare.com
For bitcoin.de, this might have had something to do with the recent DDOS attack (but then, who would gain anything with a DDOS attack?). But now I also got a new certificate for bitinstant,com, also while the old certificate wasn't expired yet, and also pointing to ssl2669.cloudflare.com.
Can someone please explain what is going on here?
- GlobalSign Root CA
- GlobalSign Organization Validation CA - G2
- ssl2669.cloudflare.com
For bitcoin.de, this might have had something to do with the recent DDOS attack (but then, who would gain anything with a DDOS attack?). But now I also got a new certificate for bitinstant,com, also while the old certificate wasn't expired yet, and also pointing to ssl2669.cloudflare.com.
Can someone please explain what is going on here?
Jump to: