使用Tor访问一个网站时可能会降级到HTTP,但在切换线路后,一切恢复正常。
这种情况一般是遭受到了SSL剥离攻击,Tor网络有许多恶意节点进行此类攻击,来窃取信息或加密货币。
我的思路正确吗?
应该保持警惕, 但不一定是SSL剥离攻击, 也可能只是单纯的Tor浏览器和Tor网络环境共同造成的Bug:
Tor Browser is launching two connections to the site, one to http and one to https. If the http one succeeds but the https one doesn’t answer quickly enough, then this pop-up comes up.
https://forum.torproject.org/t/what-exactly-is-happening-when-i-do-this/16776