GitLab

Malicious exit nodes can modify downloaded files in the way they will cause malicious activity. For example, they can add malware to executables or embed exploit into PDFs. Most of binaries in the Web are non-signed and downloaded via http. Even if they were signed, there is no way for a Tor user to know that they were signed prior malicious modification removing any trace of a signature.

So we need a bot downloading different binaries via different exit nodes and non-torified connections, comparing the results and blacklisting malicious exit nodes.

Naive implementation is vulnerable to the attack: a malicious website can give a randomized binary to victim exit nodes causing them to be blacklisted. Malicious CDNs or NSA hardware in main ISPs can be much more dangerous and stealthy.

Maybe we should ship a db of hashes of popular binaries (programs, pdfs, etc) and check their integrity?