<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 6 March 2018 at 17:54, Michael Jonker <span dir="ltr"><<a href="mailto:michael@openpoint.ie" target="_blank">michael@openpoint.ie</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>2) Bisq 's infrastructural backbone runs as a P2P network over
TOR network. Clients talk to each other and there are various
hidden services providing network resources. <br></p></div></blockquote></div><div class="gmail_extra"><br></div><div class="gmail_extra">At the risk of blowing my own trumpet, I tried writing up suggestions for hardening hidden services to preserve their anonymity:</div><div class="gmail_extra"><br></div><div class="gmail_extra"> <font face="monospace, monospace"><a href="https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md">https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md</a><br></font></div><div class="gmail_extra"><br></div><div class="gmail_extra">...although the above was written long before I got seriously into EOTK, and into the amazing benefits of using Unix-domain sockets to connect my webservers and tor-daemons.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Aside: the benefits of Unix-domain sockets include: </div><div class="gmail_extra"><br></div><div class="gmail_extra">- massively increased resistance to socket-table-filling denial-of-onion-service attacks, and faster recovery times</div><div class="gmail_extra">- (probably) lower latency</div><div class="gmail_extra">- reduced (but not eliminated) risk of IP metadata leakage of internet address, etc, because less reliance on network addresses</div><div class="gmail_extra"><br></div><div class="gmail_extra">But between *that* document, and some of the tech in EOTK, there may be some useful hardening tips for you.</div><div class="gmail_extra"><br></div><div class="gmail_extra"> - alec</div><div class="gmail_extra"><br></div>-- <br><div class="gmail_signature"><a href="http://dropsafe.crypticide.com/aboutalecm" target="_blank">http://dropsafe.crypticide.com/aboutalecm</a><br></div>
</div></div>