[tor-talk] Not comfortable with the new single-hop system merged into Tor

Mirimir mirimir at riseup.net
Thu Dec 22 00:47:05 UTC 2016


On 12/21/2016 07:57 AM, David Goulet wrote:
> On 20 Dec (23:38:43), hikki at Safe-mail.net wrote:
>> I just think that this new single-hop system should have been reserved for a 
>> different Tor source/installation, dedicated only to non-anonymous hidden 
>> services, not merge it with the regular Tor software. And this for security.

I would have liked that better. A fork, if you will. There's already
alpha and beta, so why not a third?

<SNIP>

>> How do I know that my hidden service is really running anonymously, and not
>> with just 1-hop, besides just trusting the config defaults?
>>
>> Please prove me wrong. I'm just concerned here, and just want some feedback.
>> Thanks for understanding!
> 
> Hi Hikki!
> 
> Thanks for your input, this is a very legitimate concern and I will try to
> address it as much as I can from my Tor developer perspective.

<SNIP>

> Now to your concern of "What if we have a bug in the code that actually makes
> all new onion services become single onion services?"
> 
> To be honest, that is the uncertainty of computers and programming that will
> probably never go away. It will _always_ be possible that something goes bad
> in the code. We have MANY other features and functionalities in Tor that if
> they go bad, it will be worse than having your service become an onion
> service. But, this is where I guess people using Tor have to trust a bit the
> Tor Project that we did our best for the safety of our users which is the
> number *one* priority at all times for us, period.

That's true. How do users know that current Tor releases implement onion
services safely? There was the relay early bug, after all, that lurked
for years (?) until CMU "researchers" exploited it.

> On a side note: With the next generation onion service (we hope by mid-2017 so
> ~6 months), every onion service will advertise in its descriptor that it *is*
> a single onion service and we hope to make the circuit viewer in Tor Browser
> show that when visiting a single onion service.

That will be a good feature! But also, could an onion-local process
monitor circuit construction, and report parameters being used?
Something independent from Tor. Could Stem do that?

<SNIP>
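
The onion-local monitor asked about above, sketched as an added example (not part of the original message and not Tor Project code): it parses control-port `GETINFO circuit-status` lines and flags built service-side circuits that have fewer relays than expected. The sample lines are constructed, and the three-relay minimum (`MIN_HOPS`) is an assumption about normal onion service paths.

```python
# Added example: flag service-side onion circuits that are shorter than expected.
SERVICE_PURPOSES = {"HS_SERVICE_INTRO", "HS_SERVICE_REND"}
MIN_HOPS = 3  # assumption: an anonymous service builds paths of at least 3 relays

def hop(ch, nick):
    """Build a constructed $fingerprint~nickname path entry."""
    return "$" + ch * 40 + "~" + nick

# Constructed circuit-status lines; relay identities are made up.
SAMPLE = "\n".join([
    "7 BUILT " + ",".join([hop("A", "g1"), hop("B", "m1"), hop("C", "ip1")])
    + " BUILD_FLAGS=IS_INTERNAL,NEED_UPTIME PURPOSE=HS_SERVICE_INTRO",
    "8 BUILT " + hop("D", "ip2")
    + " BUILD_FLAGS=IS_INTERNAL,NEED_UPTIME PURPOSE=HS_SERVICE_INTRO",
    "9 BUILT " + hop("E", "rp1")
    + " BUILD_FLAGS=IS_INTERNAL PURPOSE=HS_SERVICE_REND",
    "10 BUILT " + hop("F", "g2") + " BUILD_FLAGS=ONEHOP_TUNNEL PURPOSE=GENERAL",
    "11 LAUNCHED BUILD_FLAGS=IS_INTERNAL PURPOSE=HS_SERVICE_REND",
])

def parse_circuit(line):
    """Split one circuit-status line into id, status, path and key=value attrs."""
    fields = line.split()
    circ = {"id": fields[0], "status": fields[1], "path": [], "attrs": {}}
    for tok in fields[2:]:
        if tok.startswith("$"):            # path entries may contain '=' too
            circ["path"] = tok.split(",")
        elif "=" in tok:
            key, value = tok.split("=", 1)
            circ["attrs"][key] = value
    return circ

def short_service_circuits(status_text, min_hops=MIN_HOPS):
    """Return (id, purpose, hop count) for BUILT service circuits under min_hops."""
    hits = []
    for line in status_text.splitlines():
        if not line.strip():
            continue
        circ = parse_circuit(line)
        purpose = circ["attrs"].get("PURPOSE")
        if (circ["status"] == "BUILT" and purpose in SERVICE_PURPOSES
                and len(circ["path"]) < min_hops):
            hits.append((circ["id"], purpose, len(circ["path"])))
    return hits

if __name__ == "__main__":
    for circ_id, purpose, hops in short_service_circuits(SAMPLE):
        print(f"circuit {circ_id}: {purpose} built with {hops} hop(s)")
```

On a live service the same text can be read through Stem with `Controller.get_info("circuit-status")`. Circuit 10 in the sample is a one-hop directory tunnel and is deliberately not flagged, since only service-side purposes are checked.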

