On Wed, Aug 13, 2014 at 12:06 PM, <blo...@openmailbox.org> wrote: > If it's possible for the owner of a hidden service (whether the FBI or a > regular person) to install malware which grabs visitors' IPs, then what is > stopping any hidden service owner from doing this?
Nothing is stopping a hidden service owner from doing anything that an operator on the open net can do. > Considering the number of individuals that must have visited the hidden > service, this doesn't seem to be very many people. Why were so few > identified? Were the 25 using outdated browsers (TBB)? > > How, in this case, was it possible for the FBI to learn the IP addresses of > visitors to this hidden service? The Tor hidden server page states that "In > general, the complete connection between client and hidden service consists > of 6 relays: 3 of them were picked by the client with the third being the > rendezvous point and the other 3 were picked by the hidden service." > > Can someone knowledgeable please explain how visitors to a Tor hidden > service can have their real IPs detected? AFAIK the malware used javascript to break the users' browsers. As someone who argues against using javascript in any context, I can only say "told you so", but that doesn't really help anyone. :) Because they managed to get in to the client browser, they could learn the real IP address and MAC address, they didn't learn this through Tor. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
