[tor-talk] Not comfortable with the new single-hop system merged into Tor

Roman Mamedov rm at romanrm.net
Wed Dec 21 14:58:33 UTC 2016


On Tue, 20 Dec 2016 23:38:43 -0500
hikki at Safe-mail.net wrote:

> I just think that this new single-hop system should have been reserved for a 
> different Tor source/installation, dedicated only to non-anonymous hidden 
> services, not merge it with the regular Tor software. And this for security.
> 
> I once witnessed a software (non-Tor related) that had a special function 
> which was disabled by default, but was accidentally enabled due to a bug 
> that occured during special circumstances, causing big trouble for some. In 
> this case it caused a big money loss for some, but with the Tor software we 
> are talking about the lives and wellbeing of humans.
> 
> How do I know that my hidden service is really running anonymously, and not
> with just 1-hop, besides just trusting the config defaults?

Did you read the blog post about this feature?
https://blog.torproject.org/blog/whats-new-tor-0298

It specifically says:

> Because this removes the anonymity aspect of the service, we took extra
> precautions so that it's very difficult to enable a single onion by mistake.
> In your torrc file, here is how you do it:

>  HiddenServiceNonAnonymousMode 1
>  HiddenServiceSingleHopMode 1

So it requires explicitly enabling not one, but two separate settings in a
lock-step. How does that not solve any "mistake" concern? Or if you want to be
400% safe from enabling this, then conversely, you can add to your config:

>  HiddenServiceNonAnonymousMode 0
>  HiddenServiceSingleHopMode 0

-- 
With respect,
Roman


More information about the tor-talk mailing list