Silk Road forums
Discussion => Security => Topic started by: BearedF on October 06, 2012, 11:39 pm
-
Good thing, bad thing, doesn't matter ? I know TAILS does doesn't use persistent ones.
-
IIRC, tor caches things like entry guards and reuses them on reboot to prevent certain attacks. You can delete the TBB folder and re-extract it every time for a true "clean start"; this also protects against certain malware attacks that crash and corrupt the browser/tor and require it to be restarted before the malicious code can run.
Another option would be the use of bridges, especially if you write a bunch of them down and change them around every so often (not every time though!).
-
persistent entry guards are extremely important for anonymity. The Tor devs are actually in the process of revamping the entry guard selection algorithm to pick less guards and use them longer, and possibly layering guards for hidden services. I personally strongly suggest configuring your hidden services with a client instance of Tor to be used as a socks proxy for the hidden service instance of Tor. It hurts hidden service load times, but it offers a much much higher degree of anonymity than a vanilla Tor hidden service configuration. Also if you don't have non-encrypted sensitive data on the hidden service, there is no real disadvantage to running the web server in a virtual machine with Tor running on the host and host only networking or similar, this can offer a much higher degree of protection from attackers who try to deanonymize your hidden service by hacking it. The disadvantage of using a virtual machine isolated hidden service is that the web servers operating environment is easier to compromise than it would be if the web server was running on non-virtualized hardware. The advantage to using virtual machines in this way is that an attacker can't get to the external IP address from inside the VM so you can make it much harder for hackers to gain unauthorized access to the external IP address.
Short of implementing a hardware isolation solution to sandbox the web server from external IP address, the best bet for a highly anonymously configured hidden service is currently to take both of these steps (virtualization based isolation + Tor over Tor).
-
Cool.
Got any links for the new Tor dev direction towards this issue ? Or entry guard discussion on general.
-
Cool.
Got any links for the new Tor dev direction towards this issue ? Or entry guard discussion on general.
http://freehaven.net/~arma/cogs-wpes.pdf
-
They suggest not using Tor Via Tor because someday they are going to make it impossible, but if they don't add layered entry guards for hidden services at the same point in time they will essentially be fucking hidden services. Hidden services can be traced up to their entry guards in a matter of minutes, the only reason the feds don't know the IP address of SR is due to an insane amount of incompetence, if it has any entry guards in the USA it wouldn't even require a warrant to deanonymize it past entry guards (ie: trace the hidden service) with a trap and trace / pen register. Using layered guards makes this attack more difficult, using Tor via Tor essentially is a work around to get layered guard nodes for hidden services, so I do hope that they add layered guards when they remove the ability to do Tor via Tor.