[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] UseEntryGuards: 0?

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] UseEntryGuards: 0?
From: "Syverson, Paul F CIV USN NRL (5543) Washington DC (USA)" <paul.syverson@xxxxxxxxxxxx>
Date: Wed, 18 Aug 2021 18:21:17 +0000
Accept-language: en-US
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 18 Aug 2021 14:21:40 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nrl.navy.mil; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=s2.dkim; bh=5AqvQcNOlkSiRH8kagczyTWpv/qkdhux+NnzHJRq45w=; b=ncv5InVmTidaQwwCDN6HqOaDcl518dlC9dWD+3lvBZE4uQbPyXRHZro6eWXmPqhOn+4W cvbz40jFqWI2FkUL+XZ6t9SQZESnEK/ScKOqX/9DqNIRdX05e8kX5w1If+yE/snwUI0f pmoAZmSHuq8hpMhCkwkn4KmPDnwNuhv9cHFHrIpSBLl0NmthpSzMTfd2KVlZLedSIkR8 4QKxmx1rZ2Dcp02vmCowB47IHzveaDLnKlE236jNhCq/jwwnuI/fl7XdcgMFN8wRn1c0 f3+XC4kNxbfpQePoaN8rDtfWbFDZYIkoyyx5RrKXSWREpR0DS5vsO3r4ztQQs2+62wED dw==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nrl.navy.mil; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=s1.dkim; bh=5AqvQcNOlkSiRH8kagczyTWpv/qkdhux+NnzHJRq45w=; b=UGoPGdn+TdzBkQgA2ZnPUcqjO0tWJ00RiWkC9cYXBPybTyRwaH/rW24RYOapvfdTMY/D ky8/f4zaWz+RpN9bNyYXC1igyWoctXWSpvCsY+gGVlFd3G0VB3XUV3MhSapz9esIC5S5 DnH30WGvr2eAde0uLt9sE8P+9cKJueuD21o=
In-reply-to: <862c632a-d8f6-ee9c-dc7c-0a83e0448e84@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <0dba9598-b8af-aa3e-7d0f-6dff8377f57c@mailbox.org> <862c632a-d8f6-ee9c-dc7c-0a83e0448e84@torproject.org>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHXlFjHmQPuT0ZNOUifHjIedGR2gqt51giA
Thread-topic: [tor-talk] UseEntryGuards: 0?

On Wed, Aug 18, 2021 at 01:45:06PM -0400, Matt Traudt wrote:
> Disable the socks port and set two options:
> 
>     SocksPort 0
>     HiddenServiceSingleHopMode 1
>     HiddenServiceNonAnonymousMode 1
> 
> All onion services that this tor process operates will connect directly
> to introduction and rendezvous points. This lowers the hop count from 6
> to 3 and rivals/beats exit connections in terms of latency/bandwidth.
> 
> The location of the onion service is no longer protected, yet visitors
> of the onion service are no worse off than before.
> 

To be specific, no longer protected from an adversary running a Tor
relay who knows the onion address. This is not especially hard to
mount as an attack. Nonetheless, onion services, even with the
settings you describe, are location-protected for many realistic
adversaries, not to mention protected against many other kinds of
attacks. Perhaps just a quibble, but I always feel obligated to
emphasize that anonymity is not nearly so simple as a boolean choice
of configuration with such a name might seem to indicate---either for
single-onion services or for double-onion services.

Si Vales Valeo,
Paul
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] UseEntryGuards: 0?
  - From: Fran
- Re: [tor-talk] UseEntryGuards: 0?
  - From: Matt Traudt

Prev by Author: Re: [tor-talk] UseEntryGuards: 0?
Next by Author: [tor-talk] Feature Proposal - Browser verifying page against (decentralized) GitHub repo
Previous by thread: Re: [tor-talk] UseEntryGuards: 0?
Next by thread: [tor-talk] An ESP32 Tor client
Index(es):
- Author
- Thread