[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] TorHS related files re-organization ?



On 3/18/12 1:09 PM, Jeroen Massar wrote:
> 
> 
> On 18 Mar 2012, at 12:46, "Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx> wrote:
> 
>> - Security issue
>>
>> Looking at the server seizure threat scenario, who seize the computer
>> running TorHS will be able to know the identity of the TorHS itself by
>> looking at the "hostname" file
> 
> Why not simply use Full Disk Encryption or similar to protect all the data files, hat avoids a compromise for any file on the system, heck if hey turn the box off they can't even see there is Tor on it at all. also heavily note that the actual content served is likely much more valuable and you will want to protect that too.

Yes, but any application that store "sensitive data" like keys should
provide an integrated way to protect such sensitive data.

Think about the "keychain" of PGP, or keychain of Firefox for digital
certificate, etc, etc

All major applications that need to handle "keys" support a built-in
feature to provide different degree of protection for such "keys".

So the idea is to "aggregate" the TorHS related "sensitive information"
and apply a protection schema with a "keychain" providing some security
feature.

-naif
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev