[tor-talk] Operation Onymous against hidden services, most DarkNet markets are down

Mirimir mirimir at riseup.net
Sat Nov 8 00:10:19 UTC 2014


On 11/07/2014 03:42 PM, Jay McKinnon wrote:
> [Note: I'm not qualified to determine whether this is a hoax.]
> 
> @loldoxbin claims to have been a part of a group that ran one of the
> sites taken down (doxbin). At 6:53 on Nov 7 2014, the account began a
> series of tweets which might give hints as to how the servers were
> found <https://twitter.com/loldoxbin/status/530765088366821377>. It
> involves a DDOS in August this year:
> 
> "Something to note from that graph: There were lots of very odd layer
> 7 ddos requests which affected tor performance moreso than anything
> ... like my TCP buffers weren't even close to max, but I had to mess
> with the ContrainedSockets options in torrc in order to have
> availability. ... Intangir and I even talked at the time about how it
> was probably a deanonymization attempt."

Might that push a hidden service to use more of its backup guards? In
conjunction with DDoSing all known hidden-service guard relays, that
could force the hidden service to use malicious relays that are
qualified as such. I get that from reading Paul Syverson et alia.


More information about the tor-talk mailing list