[tor-talk] Hidden service may be compromised

Kostas Jakeliunas kostas at jakeliunas.com
Fri Apr 11 15:56:03 UTC 2014

On Fri, Apr 11, 2014 at 6:19 PM, Cyrus <cyrus_the_great at riseup.net> wrote:

> My hidden service address may have been compromised in Heartbleed. I
> can't seem to reach my own hidden service most of the time. Other
> services I hope so far seem unaffected. I am curious what happens if the
> same private key is used by someone else, and how an attacker might use
> a private key to disable a hidden service. I am currently switching to a
> new key as a precaution. Information would be greatly appreciated,
> because I think someone is blocking my hidden service somehow.

i wonder how hard it would be to try and fetch *all* of a hidden service's
descriptors (not "try and fetch the first one i can get"), and then to
compare them.

one would either need to patch tor itself, or one could do it via Stem, but
they would need to do the fetching itself via a tor circuit. might be a
useful diagnostic tool/thingie, hm.



0x0e5dce45 @ pgp.mit.edu

More information about the tor-talk mailing list