[tor-relays] Combined relay and hidden service, good idea or not?

[Dave Warren]

On 2018-01-08 03:21, Florentin Rochet wrote:
>> Perhaps in the case that the HS operator is not trying to mask the HS
>> location, the act of mixing public relay traffic can be nothing but a
>> *help* to defeat anyone trying to correlate traffic coming to the HS with
>> traffic emanating from any one client.
> 
> Yes, if the HS operator does not want to mask the HS location, then it 
> is all good. For that purpose, I agree that the warning message should 
> be changed.

Indeed. I run some public resources (e.g. torproject.org mirror) on a 
public URL with a .onion site as well. Nothing is intended to be hidden, 
I simply want the content of anything I mirror to be available to Tor 
users without relying on an exit.

After an "abuse" report warning me that my hidden site is "leaking" its 
location, my root robots.txt and a separate README file now both display 
the public and .onion addresses with a note that nothing is intended to 
be hidden. (I also appreciate the individual who sent the warning!)

On the flip side, to a new/naive hidden service operator the warning 
could be useful as it may not be immediately obvious to someone just 
dipping their toes in Tor as to why and how this configuration might 
reveal their hidden service's real physical location.

I avidly dislike warnings appearing in my logs that I intend to ignore, 
I would prefer to see this be controlled by a preference in torrc, 
either by an option to disable the warning, or better, require an 
explicit switch to be set before tor will act as both a relay and a 
hidden service. By making a "allow both HS and relay function" switch 
that is disabled by default, we could place appropriate comments in the 
default torrc file which explain the risks.

Whether any of this really matters in the real world, I don't know, but 
getting the attention of an inexperienced operator before they make a 
privacy-reducing mistake seems like A Good Thing.