[liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
Griffin Boyce
griffinboyce at gmail.com
Mon Aug 5 09:22:55 PDT 2013
Fabio Pietrosanti (naif) <lists at infosecurity.ch> wrote:
> After a quick check at a random Tor2web server, it seems that there's no
> specific pattern of traffic-drop.
>
> Who knows, maybe the amount of TorHS that has been takendown are just a
> few.
Yeah, it seems like people are vastly overestimating the number of hidden
services affected. Freedom Hosting was the largest free HS host, but
estimating them at half of all hidden services is a bit much. The last time
they went down, the majority of hidden services remained unaffected. My
belief is that most hidden services are actually self-hosted.
Tor has maintained for quite a while that attacks that break out of
firefox's sandboxing are their biggest concern in terms of deanonymization.
And they really should be. Since the switch to TBB vs
Vidalia+Torbutton+Manual config, users are more likely to be using the same
version of firefox. In some ways this is great, the goal being to make Tor
users look identical and therefore bypass fingerprinting. In other ways,
perhaps not ideal. A userbase that is unified in this way is far more
likely to be susceptible to a given exploit than a diverse one. My
understanding is that they are looking for more/better ways to sandbox the
whole shebang.
I do wish that Vidalia were still being actively developed though =/
~Griffin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130805/feb3d387/attachment.html>
More information about the liberationtech
mailing list