On 18 Mar 2012, at 12:46, "Fabio Pietrosanti (naif)" lists@infosecurity.ch wrote:
- Security issue
Looking at the server seizure threat scenario, who seize the computer running TorHS will be able to know the identity of the TorHS itself by looking at the "hostname" file
Why not simply use Full Disk Encryption or similar to protect all the data files, hat avoids a compromise for any file on the system, heck if hey turn the box off they can't even see there is Tor on it at all. also heavily note that the actual content served is likely much more valuable and you will want to protect that too.
Note that you can do this already today and it does not require an changes to Tor.
Greets, Jeroen