[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Number of onions online

On 8/22/16, Nurmi, Juha <juha.nurmi@ahmia.fi> wrote:
> - Looking tor2web proxy stats
> - Looking leaked DNS requests (soon impossible)
> - DHT spying (this should NOT be done and it's technically impossible in
> the future)

These are all basically spying, but they are useful and there are
always those who research or publish them freely for others to use.
Sure, legit researchers (by whatever standards) might heed
discouragement, but it's important to remember that others have
not since the day onions were first invented. That's why I always
say users should use stealh or application level authentication
until then and take precautions. Even after.

How do you say leaking DNS is "soon [made] impossible" by anything
tor does? ie: tor itself already never leaks what is sent to its socks5
port. Any such leaks come from user config and usage errors in their
userland with their userland apps and packet filters.
If you're talking TBB, that's something different.
Other things like Whonix are not tor.

> - Crawling onion sites
> Anyway, you are not going to find every existing onion address.

Custom spidering used to do a very good job here. Though growth
broadened what could be effectively found and targeted that way,
and targets are dropping out all the time as usual. So researcher
and search portal discovery delay is now longer and the depth
shallower. It's at the point you're better off buying a google search
server and plugging it in.

> How researches have been testing these addresses:
> ...
> Again, there are a lot of onions out there but nobody really knows what
> services they are offering.

So long as someone publishes their address, discovering service
isn't hard. Yes there are clearly a lot of unpublished onions.

My inbox always accepts lists people wish to publish to it.
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to