On 11/07/2014 03:42 PM, Jay McKinnon wrote: > [Note: I'm not qualified to determine whether this is a hoax.] > > @loldoxbin claims to have been a part of a group that ran one of the > sites taken down (doxbin). At 6:53 on Nov 7 2014, the account began a > series of tweets which might give hints as to how the servers were > found <https://twitter.com/loldoxbin/status/530765088366821377>. It > involves a DDOS in August this year: > > "Something to note from that graph: There were lots of very odd layer > 7 ddos requests which affected tor performance moreso than anything > ... like my TCP buffers weren't even close to max, but I had to mess > with the ContrainedSockets options in torrc in order to have > availability. ... Intangir and I even talked at the time about how it > was probably a deanonymization attempt."
Might that push a hidden service to use more of its backup guards? In conjunction with DDoSing all known hidden-service guard relays, that could force the hidden service to use malicious relays that are qualified as such. I get that from reading Paul Syverson et alia. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
