[tor-talk] How secure is a hidden service?

[grarpamp]

On 2/20/20, Robin Lee <robinlee at mailbox.org> wrote:
> I'm wondering how hidden a hidden service actually is?
> ...
> Is it just a function of time and amount of traffic, i.e. the longer
> you are online and the more traffic you generate, the more probable it
> is to discover the true ip-address?

Time and traffic are elements of some known research exploits.

One form of general answer might also be...

Given the number of proven research exploits against such
services in the public literature, and the presumed attention
to high security that at least some of the fallen services
must have given, it's probably worth assuming that...

- Public research exploits are being used in the wild.
- Private research exploits do exist and are being used in the wild.
- Adversaries using such public exploits, and most assuredly
such private ones, are unwilling to let those respective facts
of advantage become known, particularly when parallel construction
and various [il]legal processes around the world effectively allow
those trump cards to remain secret, thus not triggering defensive
moves and arms races to their disadvantage.

This isn't specific to tor, it's the nature of the entire netsec game,
the history of such games showing that many such preposterous
ideas not always as far fetched as their prior critiques presumed.

While searching the web for the exploit papers is easy, the
difficulty comes in showing the actual usage of any exploit.

There's probably a wide range of honorary awards and nice paychecks
available to whoever breaks any big news or research regarding the topic.
And certainly many thanks from rights workers, journalists, etc
whose very lives and work depend on it.