Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not any better from an anonymity standpoint currently I think. The hidden service's server still runs traffic from it-self to a Tor entry node , through the network, and then back out via an exit Node. So if the NSA can observe all entry and exit node traffic timings, they can figure out who is talking to the hidden service and where it is.

https://www.torproject.org/docs/hidden-services.html.en



The hidden service is a tor node itself and there are no exit nodes involved. As long as there is other traffic passing through the nodes involved an observer can't tell which traffic is for a HS. Maybe :)


I thought that was the case as well, however the documentation [0][1] I read indicated otherwise. I didn't do an exhaustive search after reading those, however, so it's possible. If so, I'm surprised. I'd expect the documentation to make it explicitly clear since their are legal and bandwidth implications to acting as a Tor node (though for non exit nodes, the legal ones are small).

Regardless, even if the hidden service is a node itself, a passive observer can still do traffic correlation attacks. It just requires more resources.

[0]https://www.torproject.org/docs/hidden-services.html.en [1]https://www.torproject.org/docs/tor-hidden-service.html.en


All the hidden service communication happens inside Tor. No exits are involved.

You are correct that a HS node doesn't have to be a bridge, etc. But it is a good idea to mask the traffic.


It seems like providing a tor service to forward traffic after a delay would help disrupt traffic analysis, too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: