[tor-relays] Combined relay and hidden service, good idea or not?
Dave Warren
dw at thedave.ca
Tue Jan 9 18:56:05 UTC 2018
On 2018-01-08 16:08, Roger Dingledine wrote:
> On Mon, Jan 08, 2018 at 03:59:25PM -0700, Dave Warren wrote:
>> Even if Tor didn't supply any relay
>> statistics, a curious and enterprising individual could "explore" by seeing
>> what happens to a particular onion when one launches a DoS attack against an
>> external IP that one believes might be connected to the .onion service.
>
> Yep. If you want to go a step further, check out this paper:
> https://www.freehaven.net/anonbib/#remote-traffic-pets12
> where they investigate inducing congestion on a target IP address
> to learn *what web page it's loading*.
>
> Turns out the attack is only effective in certain situations, but
> the fact that it's worth taking seriously at all is bad news for
> the Internet as a whole.
I forgot about that one! Not a surprise that it's possible in certain
circumstances, I suppose.
Nonetheless, a hidden service should be relatively immune if the IP
address isn't known (and isn't trivially determined, such as also
hosting a relay).
More information about the tor-relays
mailing list