On Tue, Dec 04, 2018 at 04:14:46PM +0000, iwanle...@cock.li wrote: > The descriptors seem to indicate onion addresses. So if I act a relay, I > seem to be able to get the addresses. Then how? ... Could someone skilled > try to get the lists? :D
Please don't. In particular, if we notice that your relay is enumerating onion addresses that it learns about, we will kick your relay out of the network. That's because it's a known protocol bug with the old v2 onion service design, and so we consider exploiting the bug to be a form of attacking the network. For a more detailed explanation, check out minutes 30-37 of https://media.ccc.de/v/32c3-7322-tor_onion_services_more_useful_than_you_think and you can follow along with slide 32 of https://freehaven.net/~arma/slides-32c3.pdf Or from yet another angle, if you're running a relay with the goal of learning stuff about users, rather than the goal of providing safe relaying for users, then I wonder what else you're willing to attack or undermine rather than protect. And if you're not forthcoming about your goals and why they're safe enough, I worry that you're not a positive contributor to our community: https://research.torproject.org/safetyboard.html Hope this helps, --Roger -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
