[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor official list of new .onion addresses?

To: <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Tor official list of new .onion addresses?
From: Nathaniel Suchy <me@xxxxxxxxxxx>
Date: Tue, 4 Dec 2018 23:26:52 +0100 (CET)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 04 Dec 2018 17:27:07 -0500
In-reply-to: <8636rd5e06.fsf@atlantis.meejah.ca>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <7acae6c647e93a409625eab301ab48b2@cock.li> <CAKNc95GxpenNydH=ebtbr=jQTtRX9jBkJrTpwZb75kJC7aXLUQ@mail.gmail.com> <<CAKNc95GxpenNydH=ebtbr=jQTtRX9jBkJrTpwZb75kJC7aXLUQ@mail.gmail.com>> <c472d9fe-5fce-e049-1ca9-3b5b6a33e5af@sky-ip.org> <LSrIyj8--3-1@lunorian.is> <<LSrIyj8--3-1@lunorian.is> (Nathaniel Suchy's message of "Tue, 4 Dec 2018 06:42:20 +0100 (CET)")> <8636rd5e06.fsf@atlantis.meejah.ca>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

I'll change to v3 Onion Services in the very near future. I hear that there are so many security improvements with v3 Onion Services and can't wait to give them a try :)

Also I agree with the wider point. You are attacking the network and likely violating the Tor Research Ethics Policy that was set out a while back. Publishing a master list is a very bad idea and I hope this never happens.

I like the idea of opt-in lists, but I shouldn't have to speak to opt-out of a list, just remain quiet and not opt-in.

Cordially,
Nathaniel Suchy



Dec 4, 2018, 1:43 PM by meejah@xxxxxxxxx:

> Nathaniel Suchy <> me@xxxxxxxxxxx <mailto:me@xxxxxxxxxxx>> > writes:
>
>> It's true that someone malicious can run a HSDir and get some (but not
>> all) of the Onion Addresses however this would assume that your onion
>> address ends up in a malicious HSDir (last time I checked it's
>> published to 5 different HSDirs?).
>>
>
> v3 onions get rid of this enumeration attack entirely. They can be used
> now with a recent Tor.
>
> A wider point here is that "enumerate all .onions" *is* considered an
> attack on the Tor network, so any "list of onion addresses" would have
> to be strictly opt-in.
>
> Anyone can therefore offer such a service (and people have over the
> years done just that).
>
> -- 
> meejah
>
> -- 
> tor-talk mailing list - > tor-talk@xxxxxxxxxxxxxxxxxxxx <mailto:tor-talk@xxxxxxxxxxxxxxxxxxxx>
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor official list of new .onion addresses?
  - From: iwanlegit
- Re: [tor-talk] Tor official list of new .onion addresses?
  - From: Nathaniel Suchy
- Re: [tor-talk] Tor official list of new .onion addresses?
  - From: s7r
- Re: [tor-talk] Tor official list of new .onion addresses?
  - From: Nathaniel Suchy
- Re: [tor-talk] Tor official list of new .onion addresses?
  - From: meejah

Prev by Author: Re: [tor-talk] Tor official list of new .onion addresses?
Next by Author: [tor-talk] Why do you use Tor?
Previous by thread: Re: [tor-talk] Tor official list of new .onion addresses?
Next by thread: Re: [tor-talk] Tor official list of new .onion addresses?
Index(es):
- Author
- Thread