On Wed, Aug 18, 2021 at 01:45:06PM -0400, Matt Traudt wrote: > Disable the socks port and set two options: > > SocksPort 0 > HiddenServiceSingleHopMode 1 > HiddenServiceNonAnonymousMode 1 > > All onion services that this tor process operates will connect directly > to introduction and rendezvous points. This lowers the hop count from 6 > to 3 and rivals/beats exit connections in terms of latency/bandwidth. > > The location of the onion service is no longer protected, yet visitors > of the onion service are no worse off than before. >
To be specific, no longer protected from an adversary running a Tor relay who knows the onion address. This is not especially hard to mount as an attack. Nonetheless, onion services, even with the settings you describe, are location-protected for many realistic adversaries, not to mention protected against many other kinds of attacks. Perhaps just a quibble, but I always feel obligated to emphasize that anonymity is not nearly so simple as a boolean choice of configuration with such a name might seem to indicate---either for single-onion services or for double-onion services. Si Vales Valeo, Paul -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
