[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Funded search engine for onionspace?



grarpamp <grarpamp@xxxxxxxxx> writes:

> On Wed, Mar 4, 2015 at 12:16 PM, George Kadianakis <desnacked@xxxxxxxxxx> wrote:
>> I find their concern very valid
>
> Respectfully... invalid. Onions are going to be mined, shared, leaked,
> indexed, and copied anyways. And most certainly by your adversaries.
> Do we forget merely publishing an onion to the dirs results in accesses.
> Lists of onions just make all this abundantly and properly obvious for
> those who don't get the picture. Nor are you going to be able to

I understand but don't really agree with your point. Mainly because I
can't think of a single positive thing that can happen because of this
public list.

> influence or censor every list. So instead of whining they should be
> doing something to enforce actual privacy...
> 1) HiddenServiceAuthorizeClient
> 2) HTTPS/app level auth

FWIW, none of the above will actually help against a non-experienced
user that uses tor2web to connect to an onion by mistake. Even with HS
authorization or HTTP auth, the onion will forever be imprinted on
that public list.

> 3) OpSec
> 4) Site defense
> 5) etc

OpSec would help, but it actually relies on the human factor.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk