On Fri, Sep 17, 2010 at 10:41 PM, Robert Ransom <rransom.8...@gmail.com> wrote:
> If your hidden service really needs to be annoying to find, run it:
>
> * using only well-written, secure software,
> * in a VM with no access to physical network hardware,
> * on a (physical) computer with no non-hidden services of any kind
>   running on it (so that an attacker can't use Dr. Murdoch's ‘Hot or
>   Not’ clock-skew detection attack),
> * and over a fast enough Internet connection that the adversary cannot
>   easily determine your connection's speed.
I think you've missed some points.

* The (virtual) machine running the hidden service should probably also
  have no _outbound_ network connectivity except via tor. This is because
  it can be even easier to trick software on a server into making a
  network connection than it is to remotely compromise the server. E.g.
  your GNU/Linux distribution may have installed some extra CGIs in your
  webserver that you are unaware of...

And here is a potentially controversial suggestion, let's see what others
say about it:

* You should run your hidden service behind tor bridges rather than
  directly connecting to the tor network. The rationale for this
  suggestion is that it may make it more difficult for a network observer
  to enumerate a list of tor clients in order to apply things like the
  clock-skew attack or subject them to additional network surveillance.

[snip]

> The above precautions are probably enough, unless a three-letter agency
> (or four-letter association) knows about your hidden service and wants
> to find and ‘neutralize’ its operator. In that case, you have to worry
> about the near-global passive adversary and other threats that Tor
> can't afford to defeat.

I fear that you're overstating the security provided. For example, I
think that if you managed to piss off the ISP community vigilantes that
go after spammers and botnets, they would have a decent chance of
tracking you down in spite of your efforts to stay hidden.
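The egress lockdown suggested in the reply above (no outbound connectivity except via tor), as an added example that is not from the thread: a POSIX shell script that emits, and only on request applies, an iptables ruleset under which the tor daemon's user is the only one allowed to originate connections, so a CGI tricked into "phoning home" is dropped and logged instead of leaking the server's real address. The tor username `debian-tor`, the log prefix and the `APPLY` switch are assumptions, not anything from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): lock a hidden-service VM down so
# that only the tor daemon can open outbound connections. Anything else
# that tries to reach the network hits the final DROP rule and is logged,
# which makes a compromised or misconfigured CGI visible in the syslog.
# Assumptions: Linux with iptables, tor running as the user in TOR_USER
# (debian-tor is Debian's default; adjust for your distribution), and the
# hidden service itself listening only on loopback.
TOR_USER="${TOR_USER:-debian-tor}"

# Emit the ruleset as text so it can be reviewed (or diffed) before use.
# Order: default-deny policies first, flush, then the few allow rules.
egress_rules() {
  cat <<EOF
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $TOR_USER -j ACCEPT
iptables -A OUTPUT -j LOG --log-prefix "egress-blocked: " --log-level 4
iptables -A OUTPUT -j DROP
EOF
}

# Dry run by default: print the rules. Only APPLY=yes executes them,
# so running this script by accident changes nothing on the machine.
apply_rules() {
  if [ "${APPLY:-no}" = "yes" ]; then
    egress_rules | sh -e
  else
    egress_rules
  fi
}

apply_rules
```

Inbound is also default-deny except loopback and replies to tor's own connections, matching the "no non-hidden services" advice; DNS leaks from other users are covered because no UDP exception exists.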