[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port



On Fri, Feb 13, 2015, at 07:45 PM, Yawning Angel wrote:
> Yes, this means that if you run "kittensomgmewmew.onion" and are scared
> of the NSA's persistent attempts to extract your hidden service key,
> via ultrasonic laser beamed from their satellites, you could run your
> tor instance entirely in a ram disk, and load the HS key manually each
> time from a USB token you wear around your neck.

A very practical use of this in the Orbot context, is that we can now
store all HS identity data in an IOCipher encrypted volume, which the
user can unlock with a strong passphrase when they want to start up
their onionsites. Currently, all HS data is stored in the standard Tor
data paths, only protected by the per-app user permissions on Android.
This means the data can be accessed by rootkit capable malware apps and
forensic extraction tools. With IOCipher, that would make that a great
deal harder, and impossible if they were in a locked state (i.e. the key
is not in memory).

We are working on adding OnionShare-capabilities to Orbot, so this is
well timed!

+n

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev