[tor-talk] Operation Onymous against hidden services, most DarkNet markets are down

coderman coderman at gmail.com
Sun Nov 9 10:59:24 UTC 2014


On 11/7/14, Mirimir <mirimir at riseup.net> wrote:
>> ...
>> "Something to note from that graph: There were lots of very odd layer
>> 7 ddos requests which affected tor performance moreso than anything
>> ... like my TCP buffers weren't even close to max, but I had to mess
>> with the ContrainedSockets options in torrc in order to have
>> availability. ... Intangir and I even talked at the time about how it
>> was probably a deanonymization attempt."
>
> Might that push a hidden service to use more of its backup guards? In
> conjunction with DDoSing all known hidden-service guard relays, that
> could force the hidden service to use malicious relays that are
> qualified as such. I get that from reading Paul Syverson et alia.

if you crash Tor, it won't necessarily use more of its backup guards.
this attack would have to be combined with other network level (MitM)
tampering to manipulate route selection like that, as i currently
understand the situation.

with your "DDoSing all known hidden-service guard relays" perhaps you
allude to this, but note that all you'd need to do is interfere with
the hidden service path to those guards to be effective. (RST
injection) rather than a carpet bombing of all guards HS uses.


best regards.


More information about the tor-talk mailing list