Example hidden service issue

Mike Cardwell tor at lists.grepular.com
Sat Mar 31 17:44:02 UTC 2007


* on the Sat, Mar 31, 2007 at 07:30:26PM +0200, Karsten Loesing wrote:

>> Further to this, there is still a problem even if you *do* change the
>> onion address after doing the test. The fact that google can see that
>> someone was testing setting up a hidden tor service from a particular IP
>> on a particular date is often going to be enough info to expose the
>> *probable* real location of a hidden service.
 
> These could indeed be new threats to hidden services; the first being
> more threatening than the second. I could imagine that nobody has ever
> thought about an untrustworthy (to be hidden) server, but only about all
> the other untrustworthy nodes in the network. I assume I also need more
> thinking on that... and more coffee...
> 
> Maybe it could help to switch steps one and two in the howto? First set
> up the web server and try if it's available over http://localhost:5222,
> and then make it available over Tor. Or is there a special reason for
> this order that I overlooked?

I think the whole google test should be removed from the documentation.
I also think that everyone should be aware that if they did the google
test and continued to use the same onion address that their real IP can
*probably* be found by the "authorities" if need be.

Also, if google can see a log entry of an onion address request coming
from a certain IP, then someone announces a hidden service a day later
with a *different* onion address, they can make a good guess that it's
running from the same IP and they've simply changed the onion address.
I'm assuming here there aren't thousands of new hidden services added
every day to the tor network

Mike



More information about the tor-talk mailing list