Re: Example hidden service issue
Roger Dingledine wrote: Wont that give google a map of Real IP - Hidden service name? Yes, you're absolutely right. Oops. Thanks for pointing it out. I originally split the setup instructions into two steps because people had a lot of trouble distinguishing whether they had screwed up editing their torrc or had screwed up setting up their webserver. It's doubly tricky because we're trying to be platform independent in the instructions. One option is to remove step one. This will cause more people to get confused and send us angry mail that our instructions are too hard. *snip option two* Just a reminder as it's been a few weeks since this discussion. The bad hidden service instructions are still up in the online documentation. I left option one above as I think that should be the option used, at least in the short term until someone gets around to writing some more extensive documentation. Mike
Re: Example hidden service issue
Roger Dingledine wrote: Yes, you're absolutely right. Oops. Thanks for pointing it out. *snip option two* Just a reminder as it's been a few weeks since this discussion. The bad hidden service instructions are still up in the online documentation. I left option one above as I think that should be the option used, at least in the short term until someone gets around to writing some more extensive documentation. Hi Mike, Thanks for the kick. This has been moving up my todo list, but I just jumped it to the top and finished it: Thanks. I was just checking it hadn't been forgotten :) http://tor.eff.org/docs/tor-hidden-service.html.en Folks, please let me know if this new page is intelligible and also if it fixes all the issues we've raised. It fixes the issue I raised. It all makes sense to me and is clear to follow, but then I'm speaking as someone that already understood how to do it... Regardless, complicated yet safe documentation is preferable to simple yet unsafe documentation. Mike
Re: Example hidden service issue
On Sat, Mar 31, 2007 at 03:12:21PM +0100, Mike Cardwell wrote: In the documentation it tells you to set up an example hidden service pointing at google.com, eg: HiddenServicePort 80 www.google.com:80 I've just started looking at hidden services so I'm not exactly sure how they work yet, but if I'm correct, by setting that up and testing it surely you'll be connecting to www.google.com on port 80 from the server with your hidden service and doing a: GET / HTTP/1.1 Host: youronionaddress Wont that give google a map of Real IP - Hidden service name? Yes, you're absolutely right. Oops. Thanks for pointing it out. I originally split the setup instructions into two steps because people had a lot of trouble distinguishing whether they had screwed up editing their torrc or had screwed up setting up their webserver. It's doubly tricky because we're trying to be platform independent in the instructions. One option is to remove step one. This will cause more people to get confused and send us angry mail that our instructions are too hard. Another option is to change www.google.com to some other address. But even if it's a site we really trust (like tor.eff.org), there's still the worry about somebody watching the site. We could suggest https://tor.eff.org/ instead, because then an observer wouldn't be able to learn the Host: header (I believe), but that doesn't really resolve the point of failure, and explaining how to prepend https://; to the .onion address will turn the instructions back into a mess. Any other good options out there? :) I'm leaning towards option one at this point, simply because instructing people to point their .onion addresses at an external site is just asking for trouble -- and suggesting a company that's well-known for keeping extensive logs is a particularly egregious choice. Thanks! --Roger
Example hidden service issue
In the documentation it tells you to set up an example hidden service pointing at google.com, eg: HiddenServicePort 80 www.google.com:80 I've just started looking at hidden services so I'm not exactly sure how they work yet, but if I'm correct, by setting that up and testing it surely you'll be connecting to www.google.com on port 80 from the server with your hidden service and doing a: GET / HTTP/1.1 Host: youronionaddress Wont that give google a map of Real IP - Hidden service name? Mike
Re: Example hidden service issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Mike, In the documentation it tells you to set up an example hidden service pointing at google.com, eg: HiddenServicePort 80 www.google.com:80 I've just started looking at hidden services so I'm not exactly sure how they work yet, but if I'm correct, by setting that up and testing it surely you'll be connecting to www.google.com on port 80 from the server with your hidden service and doing a: GET / HTTP/1.1 Host: youronionaddress Wont that give google a map of Real IP - Hidden service name? In fact, that is not the information you want to hide. The server that is to be hidden may know which Tor node is actually hiding it. Hidden services are meant to hide the locations of the servers (here: Google) from others. Perhaps it's better if you think of another server than Google which you would like to hide. I mean, for me, Google means the opposite of anonymity---apart from Google summer of code supporting Tor which is a step into the right direction. ;) If you set up a hidden service, you provide access to a service in the non-Tor network to a client connecting to you over the Tor network (simplified picture): client -- Tor proxy -- some Tor routers -- Tor proxy (YOU) -- Google You advertise the server to the Tor network using an onion address. As soon as you receive a request to the hidden service from a client, you connect to Google with your own IP, perform the request, and respond to the client over Tor. I hope that this makes it a little clearer to you. Karsten -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGDnfk0M+WPffBEmURAjrFAKC/IovXsmvrTeVhlhu4MLkkvKWSTACdFi+F zlY9cyJMpdZFdUij/z95ebc= =s9c6 -END PGP SIGNATURE-
Re: Example hidden service issue
On Sat, 31 Mar 2007 09:31:01 -0700 Joseph B. Kowalski [EMAIL PROTECTED] wrote: Guys, this, noted in the original post is incorrect: GET / HTTP/1.1 Host: youronionaddress When you contact www.google.com, your request goes like this: GET / HTTP/1.1 Host: www.google.com You are telling the web server which web site to serve you, using the name as an identifier. To clarify, The HOST field is not to identify you, but to tell the web server you are connecting to which website you would like (Since many servers host multiple sites) Oops, sorry. Accessing it at a .onion address... Please disregard my above message. That's what I get for trying to send an email before I have had my coffee. :) As you were... Best regards, Joe Kowalski
Re: Example hidden service issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, That's exactly the way I should have described the issue in my original post. I didn't think I'd need to spell it out in so much detail. :) Was that me confusing everyone?! :( Sorry for that, my fault! The descriptions above seem right to me. If you assume that everyone that has set up a hidden service has done the google test as described in the documentation and hasn't then changed the onion address afterwards. Also assume that google logs the Host header, eg using apache common+host format and that they archive the logs. This gives google the ability to grep for an onion address and get the real ip of the hidden service if they're ever asked for it. Further to this, there is still a problem even if you *do* change the onion address after doing the test. The fact that google can see that someone was testing setting up a hidden tor service from a particular IP on a particular date is often going to be enough info to expose the *probable* real location of a hidden service. These could indeed be new threats to hidden services; the first being more threatening than the second. I could imagine that nobody has ever thought about an untrustworthy (to be hidden) server, but only about all the other untrustworthy nodes in the network. I assume I also need more thinking on that... and more coffee... Maybe it could help to switch steps one and two in the howto? First set up the web server and try if it's available over http://localhost:5222, and then make it available over Tor. Or is there a special reason for this order that I overlooked? Karsten -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGDpqy0M+WPffBEmURAqIdAJ91mYQp37R9vfW4IbJXPtTUF9twfwCfWlUK ziM7iOR7SiSP3j2eaEQvR34= =djF6 -END PGP SIGNATURE-
Re: Example hidden service issue
* on the Sat, Mar 31, 2007 at 07:30:26PM +0200, Karsten Loesing wrote: Further to this, there is still a problem even if you *do* change the onion address after doing the test. The fact that google can see that someone was testing setting up a hidden tor service from a particular IP on a particular date is often going to be enough info to expose the *probable* real location of a hidden service. These could indeed be new threats to hidden services; the first being more threatening than the second. I could imagine that nobody has ever thought about an untrustworthy (to be hidden) server, but only about all the other untrustworthy nodes in the network. I assume I also need more thinking on that... and more coffee... Maybe it could help to switch steps one and two in the howto? First set up the web server and try if it's available over http://localhost:5222, and then make it available over Tor. Or is there a special reason for this order that I overlooked? I think the whole google test should be removed from the documentation. I also think that everyone should be aware that if they did the google test and continued to use the same onion address that their real IP can *probably* be found by the authorities if need be. Also, if google can see a log entry of an onion address request coming from a certain IP, then someone announces a hidden service a day later with a *different* onion address, they can make a good guess that it's running from the same IP and they've simply changed the onion address. I'm assuming here there aren't thousands of new hidden services added every day to the tor network Mike