[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Combined relay and hidden service, good idea or not?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Combined relay and hidden service, good idea or not?
From: Igor Mitrofanov <igor.n.mitrofanov@xxxxxxxxx>
Date: Thu, 4 Jan 2018 19:17:04 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 04 Jan 2018 22:17:21 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=01IH9g5g8G2O/u8qFMFQccPHQEk1HcUOuOg6gtTSh0U=; b=umurwdTJXviyPTymaJQEUA79ZjKkhgzCdkgcC59fC2sAVziXh0M9NCW8lDYmd8inEF Ya3wCSP6kfZ1rzIYSXUxN40k6nNSCb5XJjAcQx+FPAmpyS7dLY5C17TRg1EFNW/YVAzn h4CljZmOJ2aiD0nqu8Xk8jhh/O0Q1yf7ZGXbi93uC8xLJ7zZP4PqmD+xvvxwUR9AvJvs 6OqFJj09FkmuH3mdVWfJkk/xWYhZaxdWO4M6086ji9WFyU20ybOArJK47men0tXzxrHe 3do+F4EI/KkIIfho+1P//PHjz//K0bEdlWpdgtNXbnxdS9CE85E2zkETIHo1novoFOyX 1uXQ==
In-reply-to: <513c289257afb52f0b973b4551405c0ec91a.alpine@mantablue.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <513c289257afb52f0b973b4551405c0ec91a.alpine@mantablue.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

It is safe to assume that both relays and select hidden services are
being scanned 24/7. When your host reboots (say, as a result of an
automatic OS update), both your relay and your hidden service become
unavailable at the same time, instantly revealing the IP of the hidden
service.

On Thu, Jan 4, 2018 at 7:08 PM,  <tortilla@xxxxxxxxxxxxx> wrote:
> When operating a hidden service and a relay in one tor instance, tor
> currently warns:
>
> [warn] Tor is currently configured as a relay and a hidden service. That's
> not very secure: you should probably run your hidden service in a separate
> Tor process, at least -- see https://trac.torproject.org/8742
>
> First, that issue has been fixed and closed.
>
> Second, I had read in the past opinions stating:
>
> When operating a hidden service, running a relay helps mix traffic so that
> anyone observing traffic from the machine cannot easily run an analysis
> targeted at a hidden service that might exist on that machine.
>
> The text of the startup warning seems to contradict that belief.  Is there
> more to know, or is the warning only applicable to the now-closed
> information leak?
>
> Can someone kindly clarify the current best practice in this regard and
> address whether or not that warning should be removed from tor's startup
> diagnostics?
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Combined relay and hidden service, good idea or not?
  - From: tortilla

Prev by Author: Re: [tor-relays] >30% of the Tor network runs outdated version: Consider enabling auto-updates
Next by Author: [tor-relays] hidden service performance
Previous by thread: [tor-relays] Combined relay and hidden service, good idea or not?
Next by thread: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Index(es):
- Author
- Thread