On Tue, Aug 05, 2014 at 03:09:29PM -0400, Andrew Lewman wrote: > On 08/05/2014 01:58 PM, Rejo Zenger wrote: > > How would they have done that? Of course, there are wiki's listing > > hidden services, but they are most likely far from complete and I > > wouldn't expect websites with hardcore child abuse to be "advertised" > > there. So, what do you think this crawler did? > > Unfortunately, the hardcore sites are/were advertised on one of the 20+ > hidden wikis which exist at any time. The press and police only seem to > find these sites and assume everything is just this set. There are > seriously 20+ hidden wikis, each one claiming to be the > original/canonical wiki. > > Given the resources of a national police force, it seems probable they > can create a crawler to simply crawl every permutation of hidden service > addresses on port 80 alone. > > Of course, it's easier to crawl the 20+ hidden wikis and go from there. I seriously doubt anyone is going to be crawling the 80-bit space of HS key hashes by brute force like that. They'll be running some sort of enumeration attack to gather the descriptors or a web crawler. -- Andrea Shepard <andrea@xxxxxxxxxxxxxx> PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536 PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
Attachment:
pgp9IaCsL8Svh.pgp
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk