[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How easy are Tor hidden services to locate?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How easy are Tor hidden services to locate?
From: tor@xxxxxxxxxxxxxxxxxx
Date: Wed, 06 Mar 2013 21:34:29 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 06 Mar 2013 16:34:41 -0500
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.grepular.com; s=dkim1; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:References:Subject:To:MIME-Version:From:Date:Message-Id; bh=Yyh5dUBsn2xHnsgj5XNZWvOKAA5SxSxeGyBq6lsnXRU=; b=gUiC0EkXZwKZc+WLEMKkCqjhv+yWHfZDbmoqioUiDfHMRRXh9JolDkJehfKUMjya3f3EO1Xa4o2KRcdLAWw/uejIMRL7BaMoSf+1mAB1Wm1HmRU3itV3e4vqzI/1yn3Qjxl9sPJ1SgPK7xhIULCsk55nEIj+tur19KW6G4mzwr0=;
In-reply-to: <CAGKHomfLiDTL2_V-Bsd+57Ykk_GavCSzK3K0EEyH+7NdVbx=xQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Openpgp: id=0018461F; url=http://grepular.com/0018461F.pub.asc
References: <DUB403-EAS253CFFDFE53309AF4F2D4C4D7E40@xxxxxxx> <20130306095305.GO5636@xxxxxxxxxxxxxx> <5.2.1.1.1.20130306154335.02681520@xxxxxxxxxxxxx> <CAGKHomfLiDTL2_V-Bsd+57Ykk_GavCSzK3K0EEyH+7NdVbx=xQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/03/13 20:00, Griffin Boyce wrote:

>>> Hidden services are definitely weaker than regular Tor
>>> circuits, a) because the adversary can induce them to speak,
>> Care to elaborate on that? You mean timing attacks (based on the 
>> fact that hidden servers 'speak' to clients?) ? Or the owner of
>> the service leaking information about himself by mistake? Or?
> 
> If a given service allows uploads, for example, it's frequently
> possible to then upload something to broadcast the server address.
> But if a server is unpatched, or someone has some Apache 0day
> they've been saving up, it's pretty easy to determine the location
> that way as well.

This is why ideally you'd run the hidden service from a machine that
doesn't know it's real IP, and has no way of figuring it out. Eg, use
a VM which has all of it's traffic transparently routed through Tor by
the host.

Of course, there may still be bugs in the virtualisation software that
allow an attacker to break out of the VM, but this is considerably
more secure than relying on the security of whatever PHP application
you're using on your website. Or you could just use two physical
machines instead of a VM, and hope there are no bugs in Tor its self.

- -- 
Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----

iQGGBAEBCgBwBQJRN7ZlMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBKAcB/9sti1VvRhc
ibtJo9eIop16AEIohgmg2XYpVHKFuPuKLbGdvlwMhnzaeqosuq7vCqTPAArjSo63
FD9pNYqAyDJY9VAsAsv79blyH5CHWYU7Ft/0nasYJAKoVKrV6MO5ZT1QOdoqBwkP
G3Hjk6YQ1FOKee4gbk8X54ukjnrJwJLR1yBdPH5+MY4uUa+6aMB5ORCRadSCiGfm
PzYcyNzAW7uQ2/fUNU/T40o5tsufb0Lcie5vIn+y001qf4+U1u7pBxcV9mxNk20N
RpuhLqCjBmIz57xNPbYOlCAi6Pmmxjne3EKLnKHaXEOHMP0FIiUUgMbT+9vLYiHC
jIFW7CAQNs1X
=Pttn
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] How easy are Tor hidden services to locate?
  - From: Anthony Papillion
- Re: [tor-talk] How easy are Tor hidden services to locate?
  - From: Roger Dingledine
- Re: [tor-talk] How easy are Tor hidden services to locate?
  - From: Juan Garofalo
- Re: [tor-talk] How easy are Tor hidden services to locate?
  - From: Griffin Boyce

Prev by Author: Re: [tor-talk] FlashProxy and HTTPS
Next by Author: [tor-talk] VOIP over Tor
Previous by thread: Re: [tor-talk] How easy are Tor hidden services to locate?
Next by thread: Re: [tor-talk] How easy are Tor hidden services to locate?
Index(es):
- Author
- Thread