[tor-talk] Secure Hidden Service

Mirimir mirimir at riseup.net
Thu Jun 26 08:09:00 UTC 2014


On 06/26/2014 12:50 AM, Tor Talker wrote:
> On 25 Jun 2014, at 11:09 PM, Mirimir <mirimir at riseup.net> wrote:
> 
>> ... any Tor user can host a hidden service. But few people, even
>> experienced web engineers, know enough to do it securely enough.
>> Also, hidden services are far more vulnerable than Tor users,
>> simply because they serve stuff.
> 
> OK, I'll bite.
> 
> Are you saying that experienced web engineers are not capable of
> designing systems with security and anonymity in mind, or that
> there are generally hidden risks in setting up the Tor rendezvous
> connection to a local server?  We can agree not to trust random
> software architects/implementors, but I can say with confidence that
> my team is very competent and security minded (though new to
> publishing Tor hidden services).
> 
> More to the point, do you have specific concerns regarding the
> Linux/Tor/Apache/Perl stack we are using?  We do sanitize error
> messages to prevent Apache from leaking system information, but
> that's really the only special effort other than maintaining good
> overall system security.
> 
> What sort of vulnerabilities would you expect to see?

Well, this Tor Blog entry[1] is a good place to start.

There's also a fundamental bind. Unless you physically control your
servers, they aren't really your servers. And so you want to avoid using
cloud services or hosted servers. But if you do physically control your
servers, you're directly associated with them. And you are betting the
farm that they won't be found (or on your lawyers).

Resolve that, and you have a great business plan :)

[1] https://blog.torproject.org/category/tags/hidden-services

