[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The best way to run a hidden service: one or two computers?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: The best way to run a hidden service: one or two computers?
From: Robert Ransom <rransom.8774@xxxxxxxxx>
Date: Thu, 16 Sep 2010 17:47:32 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 16 Sep 2010 20:45:52 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type; bh=Iw1Sfwe1OuJhAJZhXEtPvD+SsfHoGvpSWM3ms65NItI=; b=g5n4Qg3aAm+MF5Z5sP4jwzKgGhFP8y3cYWYUGeoftb2sf7dDqA4blS8mRbbTnPHE/y qfWx/UIAlFa33fcKYXjcjA6BxOUm6kOFu4ok+IG9YdxC8aYP2Ajxw979rwYGsnauVkmV /KgGuUmkK3bwbeJVBNhT2Xed1xdAWoXvgDXuE=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type; b=qlDbi3yHF7UxfGkeUgVtGq/NRj8jfcv7U0VbjZgy5b7pYPSPTBf/FrscrwtoUBcbWp 4mh518IxME+FOdPHzhJ7umSXUtoHXfMNFE5EcxaXWwxk7+o1l0PihRNQ0tDCrZRipQdo VqaD0Yb1KNNMtizm4VCNDdrz9+spZsfDkMo0Q=
In-reply-to: <N1-qZ7UjUkbgk@xxxxxxxxxxxxx>
References: <N1-qZ7UjUkbgk@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Thu, 16 Sep 2010 15:32:21 -0400
hikki@xxxxxxxxxxxxx wrote:

> Do you say that Ethernet cards may have backdoors built in,

Yes.  I read a report years ago that at least one model of Ethernet
card had a remote âfirmware upgradeâ âfeatureâ built in, with
absolutely no authentication of the new firmware blob.  The card
firmware had access to the host's DMA hardware, which can be used to
root the host.

>                                                             or did I 
> misunderstand that?

No.

> What if you put a hardware firewall router between the first computer and 
> the second:
> 
> [Server box with web server] -> [Hardware firewall router] -> [Gateway box with Tor] -> Internet/Tor entry node
> 
> And computer 1 and computer 2 operate on two different IP ranges, while 
> the firewall router sets all the firewall directives between them.
> 
> Could this be safer?

Only if you trust the hardware firewall/router.  I wouldn't.

> (I'm not sure if this message came within the thread, since I'm not yet sure about how to reply like that.)

It did.

Robert Ransom

Attachment: signature.asc
Description: PGP signature

References:
- Re: The best way to run a hidden service: one or two computers?
  - From: hikki

Prev by Author: Re: The best way to run a hidden service: one or two computers?
Next by Author: Re: The best way to run a hidden service: one or two computers?
Previous by thread: Re: The best way to run a hidden service: one or two computers?
Next by thread: Re: The best way to run a hidden service: one or two computers?
Index(es):
- Author
- Thread