On 24 Jan 2017, at 14:01, teor teor2345@gmail.com wrote:
On 10 Jan 2017, at 09:17, teor teor2345@gmail.com wrote:
For example, maybe I want to use OnionShare to send my friend a 2GB video clip, but anonymity doesn't matter to me. My friend and I already know who each other are, and I'm not concerned about leaking what we're doing, I just don't want to leak the plaintext video footage. In this case, I might want to use a non-anonymous onion service just to make the file transfer faster.
Ok, so you trust your friend with your IP and onion address in this use case.
But do you also trust the entire Tor network?
I opened a ticket for the OnionShare single onion service use case: https://trac.torproject.org/projects/tor/ticket/21295
We'll see what we can do, and try to work out the anonymity implications of leaking your IP address to the intro and rendezvous points.
I closed this ticket as "wontfix" with the following comment:
I just don't think this is safe, particularly as part of Tor's current design.
We are adding vanguards to make onion services harder to discover. And we want to reject connections to HSDir, intro, and rendezvous points where there is a client directly connected on both sides.
If someone does want to give up their anonymity, they should run another tor instance, or restart their current instance in non-anonymous mode. Or we should develop a feature where controllers can set custom onion service paths.
T
-- Tim / teor
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------