"Hidden service users face a greater risk of targeted deanonymization than normal Tor users"

This link is to a PDF breakdown of a recent infosec speech by Filippo Valsorda and his team detailing the findings of their research on deanonymization of Tor hidden services. Their thorough research revealed that analysis of a hidden service user's HSDir data deanonymized that user similar to a malicious exit node. The paper points out the vulnerability in very detailed technical terms that might be considered heavy reading to some. It also points out several defenses to the problem. https://conference.hitb.org/hitbsecconf2015ams/materials/D2T2%20-%20Filippo%20Valsorda%20and%20George%20Tankersly%20-%20Non-Hidden%20Hidden%20Services%20Considered%20Harmful.pdf


Comments


[3 Points] None:

[deleted]


[2 Points] DancingWindAway:

I said it before and I'll say it again:

If your whole OpSec, connection-wise, is Tor you are a low hanging fruit.

There are many ways to gain additional layers of security from a trusted VPN over Sock5 (better yet Victim Socks) to virtual gateways.

Tails might be easy to use and has a clean interface, but it solely relies on the Tor Network.

International LE will evolve it's methods. Will you ?


[1 Points] aakilfernandes:

If you run a hidden service that does not need location hiding, you are unnecessarily exposing your users to this risk.

Should also be stated that running your own hs prevents snooping from the exit node. So there's a pro and con even if you don't need location hiding.


[1 Points] Not_DEA_trust_me:

OpSec is for cowards that aren't man enough for a shot out with the police!