[tor-talk] What happens when an .onion site is compromised?
Nathaniel Suchy
me at lunorian.is
Thu Dec 6 20:51:30 UTC 2018
If an onion site is compromised, you can serve the user malicious content and with a Tor Browser Vulnerability can harm it's users.
If your private key is compromised, your only recourse is to go create a new onion address.
We don't know what vulnerabilities exist in the current version of Tor Browser. If IP Leaks and zero day vulerabilites put you in physical danger, consider Tor Tails. It uses firewall rules to try and block non-tor traffic. It's not bulletproof but simple proxy bypasses are mitigated.
Regarding the "CP Site" that you mentioned, the thing is that if the pedophiles had been using an up to date version of Tor Browser or you know, not looking at child pornography on Windows (macOS / Linux builds were not targeted as far as we know), they would not of been caught and would have remained free.
Some lessons learned...
1) Keep Tor Browser up to date2) Don't do illegal things on Windows, it has more users and is easier to mass target the most criminals by focusing on Windows hosts
3) Maybe, just maybe, don't look at child pornography in the first place
Cordially,
Nathaniel Suchy
Dec 6, 2018, 3:33 PM by jiggytwiggy at danwin1210.me:
> Imagine that an .onion site is compromised. This could be by the owner who
> wishes to expose visitors or by the police who want to target the
> clientele.
>
> (I remember, in the later case, reading something on Deep Dot Web about
> when the FBI took over a CP site and installed malware).
>
> The goal is to acquire users' real IP addresses.
>
> What would happen to a visitor if they visited a booby trapped .onion
> site? The visitor would be using the current version of TBB. How would it
> be possible for a visitor to be in danger?
>
>
> --
> tor-talk mailing list - > tor-talk at lists.torproject.org <mailto:tor-talk at lists.torproject.org>
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>
More information about the tor-talk
mailing list