[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Obfuscated URLs?



On Tue, 30 Jun 2009 11:47:33 -0700 (PDT)
Martin Fick <mogulguy@xxxxxxxxx> wrote:


> 
> I envision an onion encrypted URL along with the exact path through 
> tor (the three hops) also onion encrypted.  This would be similar 
> to the way a client normally wraps requests through tor, but the 
> wrapping would happen up front and then the wrapper would become 
> the "Obfuscated URL" which could be handed off to someone else 
> obfuscating both the path through tor and the final destination to 
> the person receiving the "Obfuscated URL".  
> 
>

An interesting idea. I see two possible problems with it. Firstly
I'm not sure storing the route is useful. Due to the nature of Tor
some relays may not be up all the time so having them hard coded in
the URL could be a path to failure. Also I am not sure there would
be any security advantage (other then possibly specifying the exit
node to keep it in a friendly jurisdiction or something .. but this
too has it's potential problems (see next point).

Secondly this idea seems more suited to malicious uses (obviscated URL
to exploit site/etc) then to the more dissident need for anonymity.
(I could be wrong. I welcome some examples to get me thinking in the right
lines.). One of the reasons I say this is that if the information is
not running on a hidden server then it will most likely be found and
shutdown. Since anyone that could use these URLs would need to have
TOR installed and running I'm having a hard time seeing the
advantage to this over a .onion URL. (Again I welcome examples)

Just my thoughts
Freemor
   


-- 
freemor@xxxxxxxxx
freemor@xxxxxxxx

This e-mail has been digitally signed with GnuPG - ( http://gnupg.org/ )

Attachment: signature.asc
Description: PGP signature