[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] issues with a fresh new tor server



On 8/21/16, Toralf Förster <toralf.foerster@xxxxxx> wrote:
> I'm pretty convinced that this is an easy method to ensure an attacker
> even with physical access to a server (eg. while changing a defect
> hard disk) can't achieve the secret key.

rm the key/salt doesn't wipe the underlying data.
Wipe the files or the non swap backed fs, or use a pipe.
Some tools and allocators might wipe ram regarding core dump.
But still, turn off dumps. Considering...
- Adversary can always run a node at their cost
- Almost all nodes are linux attack surface, not diverse
- You keep copy of node key to help show revocation.
- You may not discover you're rooted
... don't lose sleep over it. Happy relaying.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays