Tor relay security

Stephen Carpenter thecarp at gmail.com
Wed Feb 3 15:51:48 UTC 2010


On Wed, Feb 3, 2010 at 9:10 AM, Jan Reister <Jan.Reister at unimi.it> wrote:
> Il 03/02/2010 13:59, onion.soup at nym.hush.com ha scritto:
>> 1. The article talks about encrypting sensitive information on a
>> Tor server. Does the author mean that files on hard disk are
>> obtainable by other Tor users when I run a Tor relay?
>
> No, unless a new vulnerability is discovered in Tor.
>
>> 2. I noticed there are key files found on machines running as Tor
>> relays.
>
> An attacker that got your relay's key files after a compromise could
> impersonate it in the Tor network. This is why it's advisable encrypting
> a relay's drive.

How does that help? If the machine is compromised, the disk will be
mounted and unencrypted.
Encrypted drives are really only helpfu if A) physical security/theft
is the major concern or B) you can leave the volume offline.

Does tor need access to these keys after startup (I assume not?) Of
course it does mean needing to decrypt the files for each restart. It
would be nice to have that supported as a standard feature of the
startup script but.... it also means not being able to do unattended
reboots.

-Steve
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list