I'll change to v3 Onion Services in the very near future. I hear that there are so many security improvements with v3 Onion Services and can't wait to give them a try :)
Also I agree with the wider point. You are attacking the network and likely violating the Tor Research Ethics Policy that was set out a while back. Publishing a master list is a very bad idea and I hope this never happens. I like the idea of opt-in lists, but I shouldn't have to speak to opt-out of a list, just remain quiet and not opt-in. Cordially, Nathaniel Suchy Dec 4, 2018, 1:43 PM by mee...@meejah.ca: > Nathaniel Suchy <> m...@lunorian.is <mailto:m...@lunorian.is>> > writes: > >> It's true that someone malicious can run a HSDir and get some (but not >> all) of the Onion Addresses however this would assume that your onion >> address ends up in a malicious HSDir (last time I checked it's >> published to 5 different HSDirs?). >> > > v3 onions get rid of this enumeration attack entirely. They can be used > now with a recent Tor. > > A wider point here is that "enumerate all .onions" *is* considered an > attack on the Tor network, so any "list of onion addresses" would have > to be strictly opt-in. > > Anyone can therefore offer such a service (and people have over the > years done just that). > > -- > meejah > > -- > tor-talk mailing list - > tor-talk@lists.torproject.org > <mailto:tor-talk@lists.torproject.org> > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk> > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
