On 6 February 2014 14:51, Thomas Themel thomas@themel.com wrote:
Hi, Luther Blissett (lblissett@paranoici.org) wrote on 2014-02-06:
- When you access the clearnet you need dns name resolving which need
to be "proxyfied" to avoid dns leaks. This issue is supposed to be solved on decent OSes and with TBB, but it is difficult to guarantee that other software/OS won't try to bypass you proxy settings, so it's a permanent worry. When you connect to hidden services, name resolving is done inside tor, never leaving out.
I don't really get this concern. Assuming tor doesn't manage to intercept DNS resolution, won't trying to resolve a well-known .onion address leak as much information as resolving the equivalent clear address?
I believe you're correct. If you're worried that some crazy combination of torsocks+adium might leak the DNS name, it might also leak the .onion. My mostly-normally-configured Windows testing desktop actually sends it out four times:
A record for 'whatever.onion' A record for 'whatever.onion.apt' ('apt' being the internal domain, companies will often use .corp or some other brand) AAAA record for 'whatever.onion.apt' AAAA record for 'whatever.onion'
And a published hidden service name is no more 'anonymous' than duckduckgo.com.
-tom