[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Configuring a Hidden Service



* zzzjethro666@xxxxxxxxxxxx schrieb am 2010-12-06 um 08:19 Uhr:
> "If your computer isn't online all the time, your hidden service won't
> be either. This leaks information to an observant adversary." Does it
> leak because it is online all the time or because it isn't online all
> the time?  And how or what does it leak?

Assume you run a webserver on your local machine. You configured it as
hidden service. In the morning when you wake up. you turn on your
computer and the hidden service is available to the world. Before you
go to bed, you turn off your computer and the hidden service disappears.
An attacker can send requests to your hidden service to check if it is
online. He will learn that it is turned off for some hours and online
for some hours. With this information he knows (or can assume) in which
timezone your computer is located and maybe some more.

> Also, does one need to be connected (online), to the Tor network in
> order to "precheck" a Hidden Services site in order to make sure it is
> working properly? Can it open in Firefox browser offline and whatever

You need to be connected with the Tor Network, because your software
needs to connect to certain servers (introduction and rendezvous points,
i.e.).

regards,
-- 
Jens Kubieziel                                   http://www.kubieziel.de
Wer viel Charakter hat, hat wenig Eigentum. John James Osborne

Attachment: signature.asc
Description: Digital signature