31 Oct
2014
31 Oct
'14
2:58 p.m.
Hi all, so, you've probably seen this: http://venturebeat.com/2014/10/31/facebook-announced-it-is-now-providing-dir... Apart from being torn about the move (good on Facebook to support TOR, but I don't really feel like praising Facebook for anything I guess), there are two WTFs here: https://facebookcorewwwi.onion/ 1. HTTPS to TOR Hidden Service? Why? /that's the smaller one/ 2. How did they get to control 15 characters (I assume the "i" was random) in the .onion address? That's a *LOT* of number crunching. If they are able to do this, it means they are able (or are very close to) bascially spoof *any* .onion address. Am I missing something? -- Pozdr rysiek