[Cryptography] Are Tor hidden services really hidden?

Rich Jones rich at openwatch.net
Fri Mar 7 16:39:12 PST 2014


> If your hidden service isn't a clusterfuck of unpatched Apache and
sketchy PHP scripts, then it's not likely to get taken down or located.

I agree with your meaning, but not your conclusion. Sketchy PHP and idiot
sysadmins (and methylenedioxypyrovalerone) are certainly the primary reason
for the recent rash of high profile 0wnage which has been going on lately,
that doesn't mean that avoiding those problems will cover your ass in any
way.

Given enough time, your hidden service can be deanonymized, as shown here:
http://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf

As I stated in a previous thread, I think the key is likely to be to a)
redundancy and b) constant movement.

R
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 912 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140307/40408b87/attachment-0001.txt>


More information about the cypherpunks mailing list