[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Combined relay and hidden service, good idea or not?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Combined relay and hidden service, good idea or not?
From: Roger Dingledine <arma@xxxxxxx>
Date: Fri, 5 Jan 2018 15:31:26 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 05 Jan 2018 15:31:41 -0500
In-reply-to: <513c289257afb52f0b973b4551405c0ec91a.alpine@mantablue.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <513c289257afb52f0b973b4551405c0ec91a.alpine@mantablue.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.9.2 (2017-12-15)

On Fri, Jan 05, 2018 at 03:08:48AM -0000, tortilla@xxxxxxxxxxxxx wrote:
> Second, I had read in the past opinions stating:
> 
> When operating a hidden service, running a relay helps mix traffic so that
> anyone observing traffic from the machine cannot easily run an analysis
> targeted at a hidden service that might exist on that machine.
> 
> The text of the startup warning seems to contradict that belief.  Is there
> more to know, or is the warning only applicable to the now-closed
> information leak?
> 
> Can someone kindly clarify the current best practice in this regard and
> address whether or not that warning should be removed from tor's startup
> diagnostics?

I believe it is riskier to run an onion service on a public relay if you
want to keep the onion service's location hidden. The original reason for
this recommendation was because it's easier to induce load on the relay,
and then look for corresponding congestion at the onion service.

This congestion "guess and check" concern is similar to the concern
around running your local Tor client as a bridge. You can read more here:
https://blog.torproject.org/risks-serving-whenever-you-surf
https://www.freehaven.net/anonbib/#wpes09-bridge-attack

--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Combined relay and hidden service, good idea or not?
  - From: Tortilla

References:
- [tor-relays] Combined relay and hidden service, good idea or not?
  - From: tortilla

Prev by Author: Re: [tor-relays] Has the storm passed?
Next by Author: Re: [tor-relays] A lot of Warn messages when bootstrapping Tor 0.3.2.9 (stable)
Previous by thread: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Next by thread: Re: [tor-relays] Combined relay and hidden service, good idea or not?
Index(es):
- Author
- Thread