[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Cryptography] Are Tor hidden services really hidden?
- To: Griffin Boyce <[email protected]>
- Subject: [Cryptography] Are Tor hidden services really hidden?
- From: [email protected] (Rich Jones)
- Date: Fri, 7 Mar 2014 16:39:12 -0800
- Cc: "[email protected]" <[email protected]>
- In-reply-to: <[email protected]>
- References: <CAMm+LwhGPw7=1nyWr=7kGbTyvzcFE1k58JQr=bizLxcvahtyGQ@mail.gmail.com> <CAD2Ti29NUXo17n-bv8HM=vfY6dVW3KxkKFQZaX5LJ4aVXkpVFA@mail.gmail.com> <CAMm+Lwjfi=PD7MmP4Obw67q3S5YPX8KJiK7uXFoivGbqAHNLUQ@mail.gmail.com> <CA+cU71mfO3DGQdu2O-=JyiCBG9zMRXouh=fW_s8u9RVcRug8kg@mail.gmail.com> <CAMm+Lwijd7myBCEs2+1qOJnB2wQR-z3wfu5Db6Du+Zyq9NDZ7w@mail.gmail.com> <[email protected]> <CAD2Ti2-HW=FZsN3YT5q8_pjay_aVuGAKBvvyz3Xu8uKbqP30Dg@mail.gmail.com> <[email protected]> <[email protected]>
> If your hidden service isn't a clusterfuck of unpatched Apache and
sketchy PHP scripts, then it's not likely to get taken down or located.
I agree with your meaning, but not your conclusion. Sketchy PHP and idiot
sysadmins (and methylenedioxypyrovalerone) are certainly the primary reason
for the recent rash of high profile 0wnage which has been going on lately,
that doesn't mean that avoiding those problems will cover your ass in any
way.
Given enough time, your hidden service can be deanonymized, as shown here:
http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf
As I stated in a previous thread, I think the key is likely to be to a)
redundancy and b) constant movement.
R
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140307/40408b87/attachment.html>