Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
#14917: Client's choice of rend point can leak info about hidden service's guard
relay
-------------------------+-------------------------------------------------
     Reporter:  arma     |      Owner:
         Type:  defect   |     Status:  assigned
     Priority:  normal   |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor      |    Version:  Tor: 0.2.7
   Resolution:           |   Keywords:  SponsorR, tor-hs, 027-triaged-1-in,
Actual Points:           |              SponsorU
       Points:  medium   |  Parent ID:
-------------------------+-------------------------------------------------
Comment (by dgoulet):
Replying to [comment:9 arma]:
> Trigger a warning and fail the circuit? Or trigger a warning and do the
> four hop circuit as described above? I assume you mean the former. But
> isn't having only one EntryNode the safest, best recommendation we can
> have for when you're setting EntryNodes? Especially in the scenario where
> you run that relay or know its operator.
No, it would be trigger a warning and don't fail. But now that I think of
this that doesn't make much sense because between failing voluntarily or
failing because we can't connect to the guard as the chosen exit is
roughly the same... So this solution doesn't work.
>
> I worry that we're warning people away from what might actually be the
> best recommended behavior for some of them.
If you are an HS and you set only one single `EntryNodes`, it's obviously
not the recommended behavior for now.

We use one guard right now (primary) but we always have a secondary in
case we have an unstable primary (and also to avoid this issue). With
`EntryNodes`, this "secondary" guard is bypassed leading to that issue.

IMO, HS + one `EntryNodes`, you shouldn't be able to start tor at all,
period. It's either that or we allow exiting at your guard which I don't
think is ideal.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14917#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
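
A configuration check for the case argued in the comment above (an onion service whose `EntryNodes` names exactly one relay), as an added example that is not part of the ticket or of tor's own code. The sample torrc is constructed, `parse_torrc` and `audit` are hypothetical helper names, and the torrc parsing is simplified.

```python
import re

# Constructed sample torrc, not taken from the ticket.
SAMPLE_TORRC = """\
# onion service pinned to one entry relay
HiddenServiceDir /var/lib/tor/hs/
HiddenServicePort 80 127.0.0.1:8080
EntryNodes $0123456789ABCDEF0123456789ABCDEF01234567
"""

# A country code ({us}) or an address pattern (contains . : / *) can match many relays.
_MULTI = re.compile(r"^\{[A-Za-z?]{2}\}$|[.:/*]")


def parse_torrc(text):
    """Return {lowercased option: [values]}; drops comments, joins '\\' continuations."""
    opts = {}
    for line in text.replace("\\\n", " ").splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts:
            value = parts[1].strip() if len(parts) > 1 else ""
            opts.setdefault(parts[0].lower(), []).append(value)
    return opts


def audit(text):
    """Warn when an onion service is combined with a single-relay EntryNodes."""
    opts = parse_torrc(text)
    is_hs = "hiddenservicedir" in opts
    # Assumption: when EntryNodes appears more than once, the last line is the one in effect.
    lines = opts.get("entrynodes", [""])
    specs = [s.strip() for s in lines[-1].split(",") if s.strip()]
    if not is_hs or len(specs) != 1 or _MULTI.search(specs[0]):
        return []  # not an onion service, or the list can cover several relays
    return ["onion service with a single EntryNodes relay (%s): "
            "the secondary guard is bypassed" % specs[0]]
```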