Obfuscated URLs?

Max petersonmaxx at googlemail.com
Tue Jun 30 20:37:30 UTC 2009

already in here:

On Tue, Jun 30, 2009 at 8:47 PM, Martin Fick <mogulguy at yahoo.com> wrote:

> Obfuscated URL Paths?
> Would it be possible to create a URL or some longer string that
> describes a hidden path through the tor network to a specific
> hidden URL and to implement a routing mechanism to access
> documents (files) using this "Obfuscated URL"?
> I am fully aware of hidden services, and I am suggesting something
> that I think is quite different.  I am suggesting a way to point
> someone to a file on the normal non-hidden internet without
> telling them where I am pointing to!
> I envision an onion encrypted URL along with the exact path through
> tor (the three hops) also onion encrypted.  This would be similar
> to the way a client normally wraps requests through tor, but the
> wrapping would happen up front and then the wrapper would become
> the "Obfuscated URL" which could be handed off to someone else
> obfuscating both the path through tor and the final destination to
> the person receiving the "Obfuscated URL".
> Obviously, this would not allow a user to chose their own route
> through tor to maintain anonymity according to their standards,
> so allowing them to route through 3 original nodes before using
> the obfuscated URL inside the tor network might be necessary.
> This I believe should be similar to the way accessing hidden
> services works (3 hops in, 3 hops out).
> The hard part is that it seems like it would also be necessary
> to layer a document fetching mechanism ontop of tor instead of
> simply wrapping TCP to make this effective though?  If not,
> obfuscating the URL from the fetcher is likely to be useless since
> end point servers are likely to divulge their locations via most
> protocols (headers...).  Would there be an easier way, to avoid
> this disclosure than creating a new fetching protocol?  Perhaps,
> by adding a built-in simple obfuscating proxying mechanism such
> as polipo on the exit side?
> The intent of the Obfuscated URL would not necessarily be to
> maintain long term obfuscation of the URL (could it?), but at
> least to be the basis of a mechanism that would allow users to
> publish hard to censor anonymous content without a hidden service.
> Perhaps the user changes the hidden location every now and then
> in case the real URL is eventually disclosed, but it the
> obfuscation mechanism works for a long enough time, in some case,
> this might be a lot easier and safer than using a hidden service
> (easier to change the location, ability to use free web space
> anonymously...).  Of course, I neglected to mention how the
> user would publish their obfuscated URLs in the first place,
> but that problem exists with onion URLs also?
> Any thoughts?  Crazy, useless, impossible...
> Cheers,
> -Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20090630/d1b4e0b4/attachment.htm>

More information about the tor-talk mailing list