[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4700 [Tor]: Tor should provide a mechanism for hidden services to differentiate authorized clients and circuits

Subject: Re: [tor-bugs] #4700 [Tor]: Tor should provide a mechanism for hidden services to differentiate authorized clients and circuits
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 19 May 2015 05:57:14 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 19 May 2015 01:57:23 -0400
In-reply-to: <048.cb7fc76bf38a9551d639736d64320a6e@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <048.cb7fc76bf38a9551d639736d64320a6e@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#4700: Tor should provide a mechanism for hidden services to differentiate
authorized clients and circuits
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:
  katmagic               |     Status:  new
         Type:           |  Milestone:  Tor: unspecified
  enhancement            |    Version:
     Priority:  normal   |   Keywords:  hiddenServices control needs-
    Component:  Tor      |  proposal tor-hs
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by arma):

 Not quite the same thing, but an intriguing direction anyway:

 https://lists.torproject.org/pipermail/tor-dev/2014-March/006576.html

 """
 I've written this (ugly, unconfigurable) patch for Tor which is designed
 to allow hidden services more information about their users, by giving
 each inbound circuit its own temporary "IP address" in the 127.x range.
 This technique works on Linux (I've not tried it on anything else) and
 allows the application server to do some useful things which were
 previously difficult:

 * Identify TCP connections coming from the same client, in a short space
 of time, for example, for diagnostic log analysis, identifying traffic
 trends
 * Rate-limit operations coming from the same client, to defend against
 some types of DoS attacks
 * Temporarily block abusive clients (at least, until they make a new Tor
 circuit)

 More importantly, it can do this with an unmodified application-server
 (e.g. web servers typically have these features built-in) because it
 effectively "spoofs" the client ID as an ip-address, in the 127.x range.
 """

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4700#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #16110 [Tor Browser]: Improve Time Resolution Defense
Next by Author: [tor-bugs] #16111 [- Select a component]: bugs
Previous by thread: Re: [tor-bugs] #16110 [Tor Browser]: Improve Time Resolution Defense
Next by thread: [tor-bugs] #16111 [- Select a component]: bugs
Index(es):
- Author
- Thread