[tor-dev] Non-endorsed methods for accessing Tor hidden services

Rishab Nithyanand rishabn.uci at gmail.com
Wed Sep 11 13:02:24 UTC 2019

Hi Tor-Dev,

I'm sending this message on behalf of Hammas, one of my PhD students at
UIowa, who has been unable to get his emails past moderator approval.
Hammas and I have been recently working on the implications of visiting the
Tor hidden services through services not endorsed by Tor itself. The goal
is to see if they're doing things that might deanonymize a user.

Currently, we've only found a handful of Tor2Web websites and extensions. I
have found injected HTMLs containing common trackers and tweaks in request
headers which might cause serious privacy harm.

We want to be more thorough in our study of this ecosystem and were hoping
that you all might be aware of some non-Tor-endorsed extensions, websites,
apps, or services that we should test. No matter how popular or obscure,
please let me know!

Thanks for your time and help!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190911/04b6b7d4/attachment.html>

More information about the tor-dev mailing list