[TWN team] Recent changes to the wiki pages

Lunar lunar at torproject.org
Tue Sep 16 02:40:05 UTC 2014


===========================================================================
=== https://trac.torproject.org/projects/tor/wiki/TorWeeklyNews/2014/37 ===
===========================================================================

version 16
Author: harmony
Date:   2014-09-16T02:03:56+00:00

   rewrite a bit

--- version 15
+++ version 16
@@ -69,9 +69,10 @@
 Regular readers of Tor Weekly News will know [XXX] that the hidden
 service protocol is being fully redesigned, and this “next-generation”
 proposal already suggests defenses against this kind of attack [XXX], but
-more eyes are needed. If you are interested, please see proposal
-224 [XXX] for the current state of the hidden services revamp, as well as
-the discussion of this issue on the bug tracker [XXX].
+(as ever) more eyes are needed. If you’re interested, see George Kadianakis’
+introduction to the issues facing hidden services [XXX]; those familiar with
+cryptography in C are welcome to review the discussion of this particular
+issue on the bug tracker [XXX].
 
  [XXX]: https://www.torproject.org/docs/hidden-services
  [XXX]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
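Review bot: The rewritten sentence ("If you’re interested, see George Kadianakis’ introduction ...") no longer names proposal 224, so "this “next-generation” proposal" in the unchanged lines above it has no named referent and readers are left with only an unlabelled [XXX] link to find it. Suggest keeping the name in the prose, for example "this “next-generation” proposal (proposal 224)", alongside the new blog link.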
@@ -79,7 +80,7 @@
  [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034751.html
  [XXX]: https://lists.torproject.org/pipermail/tor-news/2013-December/000023.html
  [XXX]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt#l571
- [XXX]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt
+ [XXX]: https://blog.torproject.org/blog/hidden-services-need-some-love
  [XXX]: https://bugs.torproject.org/8106
 
 Miscellaneous news
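Review bot: With the link to the full 224-rend-spec-ng.txt removed here, the only remaining pointer to the proposal is the context line ending in "#l571" on "blob/HEAD", and a line anchor on HEAD will drift to different text as the proposal is edited. Suggest pointing that reference at a fixed commit rather than HEAD so the cited defence stays findable.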

version 15
Author: harmony
Date:   2014-09-16T01:34:46+00:00

   write hs item

--- version 14
+++ version 15
@@ -30,6 +30,57 @@
  [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034740.html
  [XXX]: https://bugs.torproject.org/12908#comment:5
  [XXX]: https://www.torproject.org/dist/
+
+Hidden service enumeration and how to prevent it
+------------------------------------------------
+
+When a Tor user wants to connect to a hidden service, their client
+makes a request over the Tor network to a relay acting as a “hidden
+service directory”, or HSDir. In return, the client receives a
+hidden service “descriptor” containing the information necessary for a
+connection to be made, including the set of Introduction Points that
+the hidden service is currently using [XXX].
+
+Hidden services would ideally not be discoverable unless the address is
+public or has been shared directly, but one of the weaknesses of the
+current protocol is that hidden service directories know which services
+they are serving descriptors for; this same shortcoming was an element
+of the “RELAY_EARLY” traffic confirmation attack discovered in
+July [XXX]. Although the full set of descriptors is not published to all
+directories at once — at any given time, six directories are responsible
+for a service’s descriptor [XXX] — the list is rotated frequently, so it
+would not be hard for an adversary to run a relay stable enough to gain
+the HSDir flag, and harvest hidden service addresses as they are uploaded
+to it in turn. 
+
+Fabio Pietrosanti informed the tor-talk mailing list [XXX] of an
+experiment designed to detect this enumeration of hidden services: he
+set up thirty new hidden services, keeping their addresses secret, with
+each service running a script to report any attempts at access from
+outside. As the existence of these services was not disclosed to anyone,
+any requests to the service could only come from a client that had
+obtained the address from a directory which had previously held the
+descriptor, possibly “a malicious Tor relay acting as a TorHS directory,
+with Tor’s code modified to dump from the RAM memory the TorHS list,
+then harvest them with an http client/script/crawler”. After approximately
+a month, according to Fabio’s message, a client did indeed try to access
+one of the “honeypot” services.
+
+Regular readers of Tor Weekly News will know [XXX] that the hidden
+service protocol is being fully redesigned, and this “next-generation”
+proposal already suggests defenses against this kind of attack [XXX], but
+more eyes are needed. If you are interested, please see proposal
+224 [XXX] for the current state of the hidden services revamp, as well as
+the discussion of this issue on the bug tracker [XXX].
+
+ [XXX]: https://www.torproject.org/docs/hidden-services
+ [XXX]: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
+ [XXX]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/rend-spec.txt#l496
+ [XXX]: https://lists.torproject.org/pipermail/tor-talk/2014-September/034751.html
+ [XXX]: https://lists.torproject.org/pipermail/tor-news/2013-December/000023.html
+ [XXX]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt#l571
+ [XXX]: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt
+ [XXX]: https://bugs.torproject.org/8106
 
 Miscellaneous news
 ------------------
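Review bot: The added sentence beginning "any requests to the service could only come from a client that had obtained the address from a directory" states the inference as a certainty in the newsletter's own voice, while the quoted source that follows says "possibly" and the attribution "according to Fabio’s message" appears only on the final sentence. Suggest attributing the inference to Fabio as well, so the item reports his reasoning rather than asserting it. Minor: the added line "+to it in turn. " ends with trailing whitespace.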
@@ -116,5 +167,4 @@
 
 Possible items:
 
- * hidden service crawling posted https://lists.torproject.org/pipermail/tor-talk/2014-September/034751.html ; this will be moot with hidden services NG, please help!
  * Alison Macrina and April Glaser write about Massachusetts librarians teaching workshops on how freedom of speech and the right to privacy are compromised by the surveillance of online and digital communications -- and what new privacy-protecting services they can offer patrons to shield them from unwanted spying of their library activity, including Tor. http://boingboing.net/2014/09/13/radical-librarianship-how-nin.html



-- 
Your friendly TWN monitoring script

      In case of malfunction, please reach out for lunar at torproject.org
          or for the worst cases, tell weasel at torproject.org to kill me.

