On 08/26/2013 12:58 AM, Nathan Suchy wrote: > Tor is very secure software but its time we redesign hidden services to be > faster and more secure. We should bundle a hidden service server which > won't connect to the internet except through Tor and only knows it's Tor IP > address.
It would also help if hidden services didn't "stay in the same place over time". A Tor version of CloudFlare etc might help. Perhaps it could detect attacks, and respond appropriately. > On Aug 25, 2013 7:58 PM, "Roger Dingledine" <[email protected]> wrote: > >> On Sun, Aug 25, 2013 at 05:05:26PM -0400, [email protected] wrote: >>> The US feds did actually take down FH, which was a HIDDEN SERVICE! They >>> found it and arrested the admin! Period! >> >> Reminds me of my response when in 2011 some Dutch police broke into >> a hidden service: >> https://lists.torproject.org/pipermail/tor-talk/2011-September/021198.html >> >> "If you have an instant messaging conversation with a Tor user and >> convince her to tell you her address, did you break Tor? Having an >> http conversation with a webserver running over a Tor hidden service, >> and convincing it to tell you its address, is not much different." >> >> We don't know in this case if they did it through exploiting the software >> running on the other end of the hidden service, or by the old "follow >> the money" trick, or by having an insider provide the info, or what. >> >> It could in fact have been by attacking the Tor protocol directly (see >> below). But I think in many cases, even with the various known weaknesses, >> the above "just bypass Tor and attack them in other ways" approaches >> are even easier. (This observation should scare you more, not less.) >> >> The fact that somebody started serving malware on the various hidden >> services: >> >> https://blog.torproject.org/blog/tor-security-advisory-old-tor-browser-bundles-vulnerable >> makes me think that they got in via the software running the webserver. >> I mean, heck, I heard he let strangers run php scripts in his webserver. >> >> For another case of a hidden service being compromised, see >> https://blog.torproject.org/blog/trip-report-october-fbi-conference >> The summary sentence there is "Way before they switched to a Tor hidden >> service, the two main people used Hushmail to communicate." >> >>> If they can find hidden services, finding regular tor clients would be >> even >>> easier! >> >> This part is unfortunately (well, ok maybe fortunately, but either >> way) false. Hidden services are weaker than normal Tor circuits for two >> reasons: a) they stay in the same place over time, and b) you, the user, >> can choose how often they make circuits. These two properties combine >> to produce a variety of other problems. I described some of them briefly >> in the 29c3 talk this past December, but see >> https://blog.torproject.org/blog/hidden-services-need-some-love for >> many more details, including references to academic papers on the topic. >> >> --Roger >> >> -- >> tor-talk mailing list - [email protected] >> To unsusbscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
