Hey,
On 2018-01-05 04:08, tortilla@mantablue.com wrote:
When operating a hidden service and a relay in one tor instance, tor currently warns:
[warn] Tor is currently configured as a relay and a hidden service. That's not very secure: you should probably run your hidden service in a separate Tor process, at least -- see https://trac.torproject.org/8742
First, that issue has been fixed and closed.
The issue is fixed by adding the above warning message: if you care about your hidden service's "hidden" property, do not run a relay on the same process.
Second, I had read in the past opinions stating:
When operating a hidden service, running a relay helps mix traffic so that anyone observing traffic from the machine cannot easily run an analysis targeted at a hidden service that might exist on that machine.
The part "cannot easily run an analysis targeted at a hidden service" looks just wrong to me. If you want an example of an active attacker able to easily uncover such a hidden service (when mixed with a relay), you can give a look at our paper "Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols" [1] (to appear in PoPETs18). The techniques presented are not applied on that particular setup, but this is somewhat trivial to do.
Best, Florentin