[tor-talk] Onion website on "usual" server

grarpamp grarpamp at gmail.com
Sun Apr 14 07:31:33 UTC 2019


> is it safe so onion IP won't be disclosed?

Whenever someone cuts, dos, or boots the box, it panics,
etc... all sites services on it are correlated together.

Webserver daemon, kernel, and VM exploits exist.

"Safe" means you probably do not want to be running it on
the same box, or account, payment, email, phone, isp line,
anything that is connected to you. Nor managed from your
own location.

"Won't" is bogus because even standalone onion can be
found with some methods. Whitepapers clearly tell people
that some adversaries can and will find an onion IP in time
if they want to. Tor design is unable to prevent that.
Some methods can be offset, others can't.

Those are some answers no one said.

Are whatever ways you choose safe enough for you?
Are some of your adversaries those that can do that?
You'd have to consider things more to know.


More information about the tor-talk mailing list