[tor-talk] Not comfortable with the new single-hop system merged into Tor
Roman Mamedov
rm at romanrm.net
Wed Dec 21 14:58:33 UTC 2016
On Tue, 20 Dec 2016 23:38:43 -0500
hikki at Safe-mail.net wrote:
> I just think that this new single-hop system should have been reserved for a
> different Tor source/installation, dedicated only to non-anonymous hidden
> services, not merge it with the regular Tor software. And this for security.
>
> I once witnessed a software (non-Tor related) that had a special function
> which was disabled by default, but was accidentally enabled due to a bug
> that occured during special circumstances, causing big trouble for some. In
> this case it caused a big money loss for some, but with the Tor software we
> are talking about the lives and wellbeing of humans.
>
> How do I know that my hidden service is really running anonymously, and not
> with just 1-hop, besides just trusting the config defaults?
Did you read the blog post about this feature?
https://blog.torproject.org/blog/whats-new-tor-0298
It specifically says:
> Because this removes the anonymity aspect of the service, we took extra
> precautions so that it's very difficult to enable a single onion by mistake.
> In your torrc file, here is how you do it:
> HiddenServiceNonAnonymousMode 1
> HiddenServiceSingleHopMode 1
So it requires explicitly enabling not one, but two separate settings in a
lock-step. How does that not solve any "mistake" concern? Or if you want to be
400% safe from enabling this, then conversely, you can add to your config:
> HiddenServiceNonAnonymousMode 0
> HiddenServiceSingleHopMode 0
--
With respect,
Roman
More information about the tor-talk
mailing list