On Fri, Jan 05, 2018 at 03:08:48AM -0000, tortilla@mantablue.com wrote:
Second, I had read in the past opinions stating:
When operating a hidden service, running a relay helps mix traffic so that anyone observing traffic from the machine cannot easily run an analysis targeted at a hidden service that might exist on that machine.
The text of the startup warning seems to contradict that belief. Is there more to know, or is the warning only applicable to the now-closed information leak?
Can someone kindly clarify the current best practice in this regard and address whether or not that warning should be removed from tor's startup diagnostics?
I believe it is riskier to run an onion service on a public relay if you want to keep the onion service's location hidden. The original reason for this recommendation was because it's easier to induce load on the relay, and then look for corresponding congestion at the onion service.
This congestion "guess and check" concern is similar to the concern around running your local Tor client as a bridge. You can read more here: https://blog.torproject.org/risks-serving-whenever-you-surf https://www.freehaven.net/anonbib/#wpes09-bridge-attack
--Roger