[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hidden service security w. Apache/Win32

To: Ondrej Mikle <ondrej.mikle@xxxxxxxxx>
Subject: Re: [tor-talk] Hidden service security w. Apache/Win32
From: Ralf-Philipp Weinmann <ralf@xxxxxxxxxxxxxx>
Date: Mon, 20 Feb 2012 17:06:28 +0100
Cc: tor-talk@xxxxxxxxxxxxxxxxxxxx, cypherpunks@xxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 20 Feb 2012 11:12:16 -0500
In-reply-to: <20120220134050.GN7343@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20120220134050.GN7343@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On 2012-02-19 19:58 CET, Ondrej Mikle wrote:

> Addendum for truly "uberparanoid" installation:
> 
> [various "best practices"]
> 
> With the uberparanoid installation, the greatest risk is a return-to-libc-style
> attack on Tor where attacker instructs Tor to make circuit to a node controlled
> by attacker, thus revealing IP.

So this is the part where you should realize how futile all of that pain of setting up policies is…

-RPW

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Hidden service security w. Apache/Win32
  - From: Fred Toben
- Re: [tor-talk] Hidden service security w. Apache/Win32
  - From: Ondrej Mikle

Prev by Author: [tor-talk] bridges - higher risks for hidden services?
Next by Author: Re: [tor-talk] Hidden service security w. Apache/Win32
Previous by thread: Re: [tor-talk] Hidden service security w. Apache/Win32
Next by thread: Re: [tor-talk] Hidden service security w. Apache/Win32
Index(es):
- Author
- Thread