5 Upvotes
Dread using Daniels Hosting?
Posted 3 days ago* in /d/Dread
by localhost
3 comments
Around 3 days ago a user named /u/localhost made a thread on Dread called "Dread using Daniels Hosting?"
5 Upvotes
Dread using Daniels Hosting?
Posted 3 days ago* in /d/Dread
by localhost
[removed]
3 comments
2 days later it was removed and I was curious, so I contacted localhost to see if he or an Admin potentially trying to censor was behind it.
But localhost did not delete his post; /u/HugBunter did.
https://www.pictshare.net/3qgkjxida4.png
https://www.pictshare.net/sw87uxbrlj.png
__
From localhost, a PM
"His attitude and removal of the post is worse to me than the usage of dhosting. I hate censorship. He shouldn't underestimate users' ability to understand the consequences of sharing your onion private key with an unknown third-party. People should know and be able to make judgment for themselves. Whether it's temporary or not, if it's something you guys want to keep secret, then that's indication that you both know and understand that this is potentially harmful to your visitors and you don't want anyone to know to preserve your "image". Furthermore, I should take this knowledge to Reddit and let everyone know what's really going on. This "front-end" nonsense is really starting to feel fishy. You guys need to fix this or get ahead of this by making a Reddit post, before I decide to let everyone know."
I replied
and here's localhost's response again
"I don't suspect LE is involved. If it was LE, they would be able to easily afford a high end VPS to host their honeypot. Using dhosting just doesn't make sense, it's just terrible fucking OPSEC. Why use an unknown third-party when he can host an onion on a $30 Raspberry Pi...
He said he would remove the dhosting stuff days ago but it's still in use. You should use PGP as much as possible. With dhosting in possession of the dread private key they can decrypt all of our HTTP traffic. I'm not trying to spread FUD, I genuinely have no idea what other types of attacks can be used against users when a private key has been compromised. I'm a hacker but not a Tor dev or expert, so that's a little above my skill level.
I think you should bring this news to Reddit, and let a wider audience decide how dangerous this is. Here's the command anyone can use to reveal dhosting as the "front-end".
$ torsocks curl -H "Host: localhost" 'http://dreadecomdopooda.onion'
Any Linux user with torsocks and curl installed will be able to verify."
This is FUD and why it was privately addressed with localhost. The proxy server is being moved, which is why there is a temporary solution in place using Dhost to ensure the site stays up. Dhost does not have access to the private key, server files or database.