[Cryptography] Are Tor hidden services really hidden?

Steve Furlong demonfighter at gmail.com
Fri Mar 7 17:10:53 PST 2014


On Fri, Mar 7, 2014 at 7:39 PM, Rich Jones <rich at openwatch.net> wrote:

> Given enough time, your hidden service can be deanonymized

> As I stated in a previous thread, I think the key is likely to be to
> a) redundancy and b) constant movement.

c) Don't get too big, too complicated, or too fancy. Keep your pages or
your apps or your web services tightly focused, and not integrated with
anything that can be stripped out. If you have multiple services, separate
them logically if not physically, and do not provide the convenience
feature of automatically logging a user into a second if logs into a first.
Don't bring in outside JavaScript or stylesheets or images that you can
avoid.

This is not specific to hidden TOR services, or to the blacknet, or to
selling drugs by mail.


-- 
Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1195 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140307/76b90c88/attachment-0001.txt>


More information about the cypherpunks mailing list