Re: [tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please
Thanks to all for the wealth of valuable information I have received. I am officially a onion service believer now, and my understanding has grown exponentially! On 06/03/18 19:38, Roger Dingledine wrote: On Tue, Mar 06, 2018 at 07:27:32PM +, Michael Jonker wrote: They have asked me to ask here also if, when connected to a hidden service, the circuit becomes "dirty" after default 10 minutes and resets? No, onion services use the opposite logic: once you open a circuit to the onion service, the 10 minute timer starts, and if you open a new stream you *reset* the timer to a fresh 10 minutes. So as long as you keep using it, it will stay open. If 10 minutes pass and you didn't attach a new stream, Tor won't try to put new streams on that circuit in the future (i.e. it will try to open a new one). This 'opposite logic' is actually the same logic that Tor Browser uses for its circuits, since it uses the socks isolation feature where the goal is to separate requests between domains, rather than to separate them between time slots: https://gitweb.torproject.org/tor.git/tree/src/or/circuituse.c#n2713 --Roger ___ tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions ___ tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
Re: [tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please
On 6 March 2018 at 10:55, Michael Jonkerwrote: > 2) Am I perpetrating a security anti-pattern by holding the connection open > indeterminately? Unless I'm missing something: no more so leaving a modern web application tab (Facebook, gmail) open indefinitely. Which is to say, WebSockets, Facebook, and Gmail all turn you (the client) into a server. An attacker (which may be the web server you are connected to or which may be an outside party sending messages to you through the server) can choose when and how large a message you will receive. This capability is what makes it particularly difficult to defend against Guard Discovery attacks in Hidden Services, and when you invert the model (where you are the server) it will enable Guard Discovery attacks on you the client. I say this to try to be accurate. I don't say it to discourage you or suggest you shouldn't do this - I think you should. I think it's fantastic that you're working on providing a responsive web experience over a hidden service and I hope to see an awesome deployment or blog post about it in the future. -tom ___ tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions