Obfuscated URLs?
Edward Langenback
apostle at peculiarplace.com
Wed Jul 1 00:09:03 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Max wrote:
> already in here:
> http://offsystem.sf.net <http://offsystem.sf.net/>
I've had a look at OFF system and I think I'd rather stick with Freenet
for such purposes.
> On Tue, Jun 30, 2009 at 8:47 PM, Martin Fick <mogulguy at yahoo.com
> <mailto:mogulguy at yahoo.com>> wrote:
>
>
> Obfuscated URL Paths?
>
> Would it be possible to create a URL or some longer string that
> describes a hidden path through the tor network to a specific
> hidden URL and to implement a routing mechanism to access
> documents (files) using this "Obfuscated URL"?
>
> I am fully aware of hidden services, and I am suggesting something
> that I think is quite different. I am suggesting a way to point
> someone to a file on the normal non-hidden internet without
> telling them where I am pointing to!
>
> I envision an onion encrypted URL along with the exact path through
> tor (the three hops) also onion encrypted. This would be similar
> to the way a client normally wraps requests through tor, but the
> wrapping would happen up front and then the wrapper would become
> the "Obfuscated URL" which could be handed off to someone else
> obfuscating both the path through tor and the final destination to
> the person receiving the "Obfuscated URL".
>
> Obviously, this would not allow a user to chose their own route
> through tor to maintain anonymity according to their standards,
> so allowing them to route through 3 original nodes before using
> the obfuscated URL inside the tor network might be necessary.
> This I believe should be similar to the way accessing hidden
> services works (3 hops in, 3 hops out).
>
> The hard part is that it seems like it would also be necessary
> to layer a document fetching mechanism ontop of tor instead of
> simply wrapping TCP to make this effective though? If not,
> obfuscating the URL from the fetcher is likely to be useless since
> end point servers are likely to divulge their locations via most
> protocols (headers...). Would there be an easier way, to avoid
> this disclosure than creating a new fetching protocol? Perhaps,
> by adding a built-in simple obfuscating proxying mechanism such
> as polipo on the exit side?
>
> The intent of the Obfuscated URL would not necessarily be to
> maintain long term obfuscation of the URL (could it?), but at
> least to be the basis of a mechanism that would allow users to
> publish hard to censor anonymous content without a hidden service.
> Perhaps the user changes the hidden location every now and then
> in case the real URL is eventually disclosed, but it the
> obfuscation mechanism works for a long enough time, in some case,
> this might be a lot easier and safer than using a hidden service
> (easier to change the location, ability to use free web space
> anonymously...). Of course, I neglected to mention how the
> user would publish their obfuscated URLs in the first place,
> but that problem exists with onion URLs also?
>
> Any thoughts? Crazy, useless, impossible...
>
> Cheers,
>
> -Martin
>
>
>
>
>
- --
The best way to get past my spam filter is to sign or encrypt
your email to me.
My PGP KeyId: 0x84D46604
http://blogdoofus.com
http://tinfoilchef.com
http://www.domaincarryout.com
Un-official Freenet 0.5 alternative download
http://peculiarplace.com/freenet/
Mixminion Message Sender, Windows GUI Frontend for Mixminion
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEVAwUBSkqpH3V+YnyE1GYEAQjuPAf+NxUCFiYNVuTkqID2A7Wyazu8gLi47+Uh
kwVMudAbnLXy/iJ/LmZ+bsWLvOsIGnO6O3NA2P7+QEVTP+geOFefu8/2DpHY2Kaz
ZHLglRT7licUQ2aFaQaJRx4xF2ics5BX8D93xZz+tMiJaKpCveCjQbHgcgOCTjsu
CdyTgjj5bFo5JflZfth+oCFQbB6+41EaG8RVA2Y4UWhF6FOFvzYBsUj3yvvdsh/9
NljIyhm8RZfP/FHQ+l9RE92foP44ff1lFhWJ/g32uqXOTtt7DK7bS7loS0SgEnFf
tmIUQiuLwMf7QL+IiktF1CCbWnVBEfk4JCQfkTcvOOWg7c1DDk79WA==
=95U7
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list