[tor-relays] Combined relay and hidden service, good idea or not?
florentin.rochet at uclouvain.be
Fri Jan 5 08:23:53 UTC 2018
On 2018-01-05 04:08, tortilla at mantablue.com wrote:
> When operating a hidden service and a relay in one tor instance, tor
> currently warns:
> [warn] Tor is currently configured as a relay and a hidden service. That's
> not very secure: you should probably run your hidden service in a separate
> Tor process, at least -- see https://trac.torproject.org/8742
> First, that issue has been fixed and closed.
The issue is fixed by adding the above warning message: if you care
about your hidden service's "hidden" property, do not run a relay on the
> Second, I had read in the past opinions stating:
> When operating a hidden service, running a relay helps mix traffic so that
> anyone observing traffic from the machine cannot easily run an analysis
> targeted at a hidden service that might exist on that machine.
The part "cannot easily run an analysis targeted at a hidden service"
looks just wrong to me. If you want an example of an active attacker
able to easily uncover such a hidden service (when mixed with a relay),
you can give a look at our paper "Dropping on the Edge: Flexibility and
Traffic Confirmation in Onion Routing Protocols"  (to appear in
PoPETs18). The techniques presented are not applied on that particular
setup, but this is somewhat trivial to do.
More information about the tor-relays