-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 12/21/2016 04:38 AM, hi...@safe-mail.net wrote:
> I just think that this new single-hop system should have been reserved for a
> different Tor source/installation, dedicated only to non-anonymous hidden
> services, not merge it with the regular
On 21 December 2016 at 09:40, Cannon wrote:
> Good point.
> I believe the new single-hop is a great option for some situation such as
> if a website does not need to be anonymous but yet would still like to have
> a .onion address so users can still remain anonymous or
Alex, that is inappropriate language and behavior for a public
discussion list. You have demeaned yourself greatly with that
outburst, and only succeeding in damaging the Tor project. Please
stop.
Second, as someone who firmly believes in Murphy's Law, I share the
concerns that have been
On 21 December 2016 at 14:01, Allen wrote:
> Alex,
Typo.
> that is inappropriate language and behavior for a public
> discussion list. You have demeaned yourself greatly with that
> outburst, and only succeeding in damaging the Tor project. Please
> stop.
>
For
Allen:
> I have a question about the privacy of hidden services. Let's say I
> create a tor hidden service and privately send the onion address to
> only two other people. Would anyone outside of myself and those two
> people be able to determine the onion address or monitor activity
> related
There are researchers who monitor the HSDir to keep some stats on what goes Up
and what goes down, general server security is A Good start. You can password
protect alot. And restrict alot, then dissallow usr agents and so on
Allen skrev: (21 december 2016 18:59:59 CET)
>I
> Would anyone outside of myself and those two
> people be able to determine the onion address
Yes. Your onion address is published on a DHT, hosted accross all nodes with
HSDir flag. Some bad behaviouring relays try to enumerate all onion addresses
by massive HSDir node creation to fetch
I have a question about the privacy of hidden services. Let's say I
create a tor hidden service and privately send the onion address to
only two other people. Would anyone outside of myself and those two
people be able to determine the onion address or monitor activity
related to the hidden
On 21 Dec (19:37:13), Aeris wrote:
> > Would anyone outside of myself and those two
> > people be able to determine the onion address
>
> Yes. Your onion address is published on a DHT, hosted accross all nodes with
> HSDir flag. Some bad behaviouring relays try to enumerate all onion addresses
On 12/8/2016 7:10 AM, Jonathan Marquardt wrote:
Such an attacker could insert some JS or cookies etc. to track a user around
the web or more dangerous attacks like stealing user data. The possibilities
of JS are far-reaching. In the worst case scenario, JS can be used to exploit
a user's
> So yes, ideally encrypt your Introduction Points (basic) and obfuscate
> identity keys (stealth) [this also encrypts sets of IPs]. Non-ideally,
> use random slugs in URLs as OnionShare does (if you're doing web).
ok, I'm not sure I completely understand. If my HS uses stealth auth,
what data
Limit access for unwanted registerd like he says have A page and use
/jdjenwlsishdjshdysoalwjdbebs instead of /login
Allen skrev: (21 december 2016 20:57:47 CET)
>> So yes, ideally encrypt your Introduction Points (basic) and
>obfuscate
>> identity keys (stealth) [this also
Hi Flipchan, I'm not concerned with limiting access--I'm concerned
with who if anyone is able to detect the existence and activity of the
HS, and more specifically at this point, who is able to detect the
existence and activity of a HS that uses stealth auth when the onion
address is only
http://www.digitaltrends.com/computing/firefox-tor-vulnerability/
On Wed, Dec 21, 2016 at 3:09 PM, Joe Btfsplk wrote:
>
>
> On 12/8/2016 7:10 AM, Jonathan Marquardt wrote:
>>
>>
>> Such an attacker could insert some JS or cookies etc. to track a user
>> around
>> the web or
Alec Muffett wrote:
Otherwise, go work out how to ban "rm -rf /" - first.
That has actually been addressed in a number of places.
Reference: https://en.wikipedia.org/wiki/Rm_(Unix)
Sun Microsystems introduced "rm -rf /" protection in Solaris
10, first released in 2005. Upon
As soon as You "publish" the site it Will be added to the directory and someone
will know
Allen skrev: (21 december 2016 21:19:52 CET)
>Hi Flipchan, I'm not concerned with limiting access--I'm concerned
>with who if anyone is able to detect the existence and activity of the
From the discussion and studying the specs, my understanding is that:
The HS directory servers receive the HS public key aka onion address.
The information leakages are: (1) through various HSdir enumeration
techniques, the world at large can discover the HS public key and
onion address; (2) the
On 12/21/2016 07:57 AM, David Goulet wrote:
> On 20 Dec (23:38:43), hi...@safe-mail.net wrote:
>> I just think that this new single-hop system should have been reserved for a
>> different Tor source/installation, dedicated only to non-anonymous hidden
>> services, not merge it with the regular
Sent from Fu's iPhone
> On Dec 21, 2016, at 12:59 PM, Allen wrote:
>
> I have a question about the privacy of hidden services. Let's say I
> create a tor hidden service and privately send the onion address to
> only two other people. Would anyone outside of myself and
On 22 December 2016 at 05:50, Jim wrote:
> Alec Muffett wrote:
>
> Otherwise, go work out how to ban "rm -rf /" - first.
>>
>
> That has actually been addressed in a number of places.
>
> Reference: https://en.wikipedia.org/wiki/Rm_(Unix)
>
> Sun Microsystems introduced
On 20 Dec (23:38:43), hi...@safe-mail.net wrote:
> I just think that this new single-hop system should have been reserved for a
> different Tor source/installation, dedicated only to non-anonymous hidden
> services, not merge it with the regular Tor software. And this for security.
>
> I once
On Tue, 20 Dec 2016 23:38:43 -0500
hi...@safe-mail.net wrote:
> I just think that this new single-hop system should have been reserved for a
> different Tor source/installation, dedicated only to non-anonymous hidden
> services, not merge it with the regular Tor software. And this for security.
22 matches
Mail list logo