[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] You could use ModX to create .onion sites,

I'm not sure if this deserves its own thread, but I've been looking around
for a decent guide on building your own hidden service. The idea of course
is to be perfectly safe, even in the event of a highly trafficked site that
has content which would draw the attention of many authorities.

It looks like the whonix solution is the most complete so far, but I
haven't yet found a guide that lays out in very specific steps 'here is
what will give you the best chance of staying undetectable.' Most guides
just give you threat warnings and things that you should avoid, instead of
a whitelisted set of technologies.

On Thu, May 23, 2013 at 7:29 AM, Tom Ritter <tom@xxxxxxxxx> wrote:

> On 23 May 2013 05:00, Bernard Tyers - ei8fdb <ei8fdb@xxxxxxxxxx> wrote:
> > Can you explain what you mean by usability considerations? (I might have
> a different meaning of it, just curious)
> I think what he means is that most websites are built with a
> tremendous number of referenced images, css, and javascript.  Web devs
> use techniques like spriting to reduce the number of includes and
> prefixdomains (cache1.exmaple.com, cache2.example.com) to speed up
> load times.  .onion sites incur a significant latency hit, so every
> additional include is painful, especially when the site doesn't expect
> there to be this latency.
> The end result is when a user users .onion sites, they can wait for an
> extremely long time for the site to "paint" (actually render) because
> the browser has to fetch resources that it's blocked painting on
> (javascript and css can cause this).  In contrast, it's best to design
> an onion site to
> a) minimize includes, even at the cost of inflating the page size
> b) make good use of caching where possible
> c) sprite or better yet base64 images
> d) make sure a browser doesn't block painting based on necessary
> includes (very tricky)
> e) background-load resources and content (or even entire pages) that
> the user is likely to want while they are browsing the page
> f) potentially, I haven't tried this, using the new prefetch
> directives for bleeding-edge browsers
> Those are just off the top of my head, I'm sure there's more.  It'd be
> great if someone wrote a guide on this.
> -tom
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
tor-talk mailing list