[tor-dev] non-anonymous ephemeral onion services with stem

Micah Lee micah at micahflee.com
Wed Jan 4 01:39:33 UTC 2017


On 01/02/2017 08:45 PM, teor wrote:
>> For my specific use-case, it would be great if you could pass an
>> argument to ADD_ONION that makes that specific onion service
>> non-anonymous, without changing anything globally.
>
> What is the OnionShare use case?
> What are the anonymity expectations of OnionShare users?

OnionShare is a tool to send files over the internet, so it can be used
any time there's a need to do that. The security expectation is that the
traffic can't be eavesdropped on by any attacker, but the anonymity
expectation completely depends on the specific use case that it's being
used for. I think it would be cool if there were an advanced option to
let people use it to create non-anonymous onion services (the next
version will include an advanced option to create stealth onion services).

For example, maybe I want to use OnionShare to send my friend a 2GB
video clip, but anonymity doesn't matter to me. My friend and I already
know who each other are, and I'm not concerned about leaking what we're
doing, I just don't want to leak the plaintext video footage. In this
case, I might want to use a non-anonymous onion service just to make the
file transfer faster.

For another example, pretend I'm a wanting to send a classified Word
document to a journalist. In this case, I really care about anonymity,
so I wouldn't want to use the non-anonymous option (if the journalist is
tech savvy enough to edit their torrc file, I'd probably want to use a
stealth one though).


More information about the tor-dev mailing list