[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden Service authorization UI



On Sun, Nov 09, 2014 at 08:18:40AM -0500, Griffin Boyce wrote:
> So most of my work over the next three days is writing and editing
> documentation on hidden services. 
> 
> I'm in Boston and the purpose of this trip is to rewrite existing
> documentation to be more useful, but with authenticated hidden services,
> what's available is extremely sparse. GlobaLeaks and SecureDrop have good
> authenticated hidden service setups (and good use cases for them). A friend
> of mine uses an authenticated HS for his personal cloud.  More secure for
> him than logging into DropBox, etc. So they're also useful for mere mortals
> like us. ;-) 
> 
> Is there something you need/want in terms of documentation.
> 
> best,
> Griffin
> 
> PS: yes I'm aware of the hilarious timing of this trip.

No particular suggestions to offer on documentation, but 'hilarious' may
actually be 'good', since for situations like this where an HS doesn't need
to be open to the general public, it denies attackers the ability to cause
the HS to produce traffic on demand and thus probably makes it more resistant
to any HS exploits that may have been involved in recent events.

-- 
Andrea Shepard
<andrea@xxxxxxxxxxxxxx>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF  DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5

Attachment: pgpDRqj5cjvmL.pgp
Description: PGP signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev