Quoth Mike Perry: > > > Hidden service circuits require ~4X as many Tor router traversals > > > as normal Tor exit circuits to set up, and unlike normal Tor exit > > > circuits, they are often *not* prebuilt. Once they are set up, they > > > still require 2X as many Tor router traversals end-to-end as normal > > > circuits. You could easily circle the globe several times to issue > > > a single search query. > > > > > > And all this is to use the Tor hidden service's 80bit-secure hash > > > instead of an https cert, along with all of the other issues with > > > Tor Hidden Services that have accumulated over the past decade due > > > to the lack of time for maintenance on Tor's part? I am not > > > convinced. > > > > This is good to know -- don't promote hidden service versions of > > websites (including DDG) when they have an https version, as hidden > > services are broken as of now. > > Right. However, hidden services are still useful in narrow > circumstances, even as janky as they are. I think their most compelling > usecase is as fully internal TCP-style application endpoints, not as > authentication mechanisms for services that already exist on the > surveilled Internet, and use it for their communications.
But don't hidden services have the advantage that as there is no exit node, the adversary controlling the entry and exit node problem goes away? Or am I misunderstanding. I see that in this case the tor connection to the website is not likely to be the weak point anyway, but I'd be keen to know if I've got this wrong. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
