Nathaniel Suchy <m...@lunorian.is> writes: > It's true that someone malicious can run a HSDir and get some (but not > all) of the Onion Addresses however this would assume that your onion > address ends up in a malicious HSDir (last time I checked it's > published to 5 different HSDirs?).
v3 onions get rid of this enumeration attack entirely. They can be used now with a recent Tor. A wider point here is that "enumerate all .onions" *is* considered an attack on the Tor network, so any "list of onion addresses" would have to be strictly opt-in. Anyone can therefore offer such a service (and people have over the years done just that). -- meejah -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk