On 2/20/20, Robin Lee <robinlee@mailbox.org> wrote:
I'm wondering how hidden a hidden service actually is? ... Is it just a function of time and amount of traffic, i.e. the longer you are online and the more traffic you generate, the more probable it is to discover the true ip-address?
Time and traffic are elements of some known research exploits. One form of general answer might also be... Given the number of proven research exploits against such services in the public literature, and the presumed attention to high security that at least some of the fallen services must have given, it's probably worth assuming that... - Public research exploits are being used in the wild. - Private research exploits do exist and are being used in the wild. - Adversaries using such public exploits, and most assuredly such private ones, are unwilling to let those respective facts of advantage become known, particularly when parallel construction and various [il]legal processes around the world effectively allow those trump cards to remain secret, thus not triggering defensive moves and arms races to their disadvantage. This isn't specific to tor, it's the nature of the entire netsec game, the history of such games showing that many such preposterous ideas not always as far fetched as their prior critiques presumed. While searching the web for the exploit papers is easy, the difficulty comes in showing the actual usage of any exploit. There's probably a wide range of honorary awards and nice paychecks available to whoever breaks any big news or research regarding the topic. And certainly many thanks from rights workers, journalists, etc whose very lives and work depend on it.