Tor is very secure software but its time we redesign hidden services to be faster and more secure. We should bundle a hidden service server which won't connect to the internet except through Tor and only knows it's Tor IP address. On Aug 25, 2013 7:58 PM, "Roger Dingledine" <[email protected]> wrote:
> On Sun, Aug 25, 2013 at 05:05:26PM -0400, [email protected] wrote: > > The US feds did actually take down FH, which was a HIDDEN SERVICE! They > > found it and arrested the admin! Period! > > Reminds me of my response when in 2011 some Dutch police broke into > a hidden service: > https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html > > "If you have an instant messaging conversation with a Tor user and > convince her to tell you her address, did you break Tor? Having an > http conversation with a webserver running over a Tor hidden service, > and convincing it to tell you its address, is not much different." > > We don't know in this case if they did it through exploiting the software > running on the other end of the hidden service, or by the old "follow > the money" trick, or by having an insider provide the info, or what. > > It could in fact have been by attacking the Tor protocol directly (see > below). But I think in many cases, even with the various known weaknesses, > the above "just bypass Tor and attack them in other ways" approaches > are even easier. (This observation should scare you more, not less.) > > The fact that somebody started serving malware on the various hidden > services: > > https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable > makes me think that they got in via the software running the webserver. > I mean, heck, I heard he let strangers run php scripts in his webserver. > > For another case of a hidden service being compromised, see > https://blog.torproject.org/blog/trip-report-october-fbi-conference > The summary sentence there is "Way before they switched to a Tor hidden > service, the two main people used Hushmail to communicate." > > > If they can find hidden services, finding regular tor clients would be > even > > easier! > > This part is unfortunately (well, ok maybe fortunately, but either > way) false. Hidden services are weaker than normal Tor circuits for two > reasons: a) they stay in the same place over time, and b) you, the user, > can choose how often they make circuits. These two properties combine > to produce a variety of other problems. I described some of them briefly > in the 29c3 talk this past December, but see > https://blog.torproject.org/blog/hidden-services-need-some-love for > many more details, including references to academic papers on the topic. > > --Roger > > -- > tor-talk mailing list - [email protected] > To unsusbscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
