[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor relay security

On Wed, Feb 3, 2010 at 9:10 AM, Jan Reister <Jan.Reister@xxxxxxxx> wrote:
> Il 03/02/2010 13:59, onion.soup@xxxxxxxxxxxx ha scritto:
>> 1. The article talks about encrypting sensitive information on a
>> Tor server. Does the author mean that files on hard disk are
>> obtainable by other Tor users when I run a Tor relay?
> No, unless a new vulnerability is discovered in Tor.
>> 2. I noticed there are key files found on machines running as Tor
>> relays.
> An attacker that got your relay's key files after a compromise could
> impersonate it in the Tor network. This is why it's advisable encrypting
> a relay's drive.

How does that help? If the machine is compromised, the disk will be
mounted and unencrypted.
Encrypted drives are really only helpfu if A) physical security/theft
is the major concern or B) you can leave the volume offline.

Does tor need access to these keys after startup (I assume not?) Of
course it does mean needing to decrypt the files for each restart. It
would be nice to have that supported as a standard feature of the
startup script but.... it also means not being able to do unattended

To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/