Silk Road forums
Discussion => Security => Topic started by: Railgun on July 08, 2013, 03:14 pm
-
So I was on BMR (flame on), and apparently there was an issue where the server's ISP had been doing work in the area.
So, stoned, I thought: What keeps LE from finding at least the likely servers by just contacting the ISP and asking which subscribers have the most encrypted (specifically Tor'ed traffic)?
Is it possible that they have a watchlist of likely locations in which DPR and others host?
-
This is a possible attack vector. Correlation of downtime of a hidden service with known downtime of a specific hosting provider can be used to narrow in on a hidden service. I don't know what you mean by "doing work in the area" though, I can only assume you mean that they had a period of down time in which every server hosted by them could not be reached for some period of time.
-
A good use case for multi-homed hidden services.
-
A good use case for multi-homed hidden services.
As in distributed networking?
That's why I think DPR is a collective effort. If the server is hosted in multiple jurisdictions, it makes it hard to do much with any of it legally.
-
The main problem with multihoming is syncing the servers. Static sites are trivial to multihome, but how would you do it with this forum, for example? People would post to the same thread on different servers, so when they returned to the thread later, they would see posts before theirs that didn't exist before. Someone deletes his post on one server and another person replies to that post (quoting it) on the other server. How do you handle that? It would be chaos.
One solution is to use 3 servers. Server A and Server B run SMF. Server C runs the database. A and B are connected to C as a remote database hidden service. This would add a few seconds latency to each page load, but that's a trade off that could be worth it in some situations, like if you're using sketchy Russian hosting providers with frequent power failures and you need multi-homing. A and B also store local copies of the database which they don't normally use, but if C goes offline, then B shuts down and everyone uses A until C comes back up.
People on B would still experience brief downtime that might be indistinguishable from routine Tor network fuck ups.
The market would be easier to multihome. The main problem I see is when listings get low on stock, people on different severs may buy the last sample. This could be handled by displaying a message when the listing goes below 5 items, which says that you have tentatively purchased the item, and it may or may not complete within an hour (or however often the servers sync), and the buyer will be notified of the result. Or it could be handled with 3 servers as above.
-
have you read about tahoe-lafs?
-
Yeah, I remember during the early development of the Freedombox (what happened to that anyway?), there was talk of using Tahoe-LAFS as the filesystem, and Zooko himself chimed in to say that it's too slow for running services and is designed to be more of a backup solution. That may have changed or I may be misremembering the specific reason, but they ultimately decided not to go with it.
-
I have never used it but I am pretty sure I2P folk use it for their multi homed Eepsites. I think there is actually an I2P fork of it designed for multihoming Eepsites, but I dunno I never got into the I2P community very much.
-
So I asked some I2People about it, and here's what they said.
me> Is it useful for running services, like a web or database server, or only for backups?
i2person> backups, you can't really run a web server through tahoe, just store files. so you can make a pseudo website, but only with html and js/client side stuff, no server side scripting
i2person> and yah its slow. frankly i don't think tahoe should be used for file sharing / distributed datastore. its really more like an open source personal nas cluster, it can be used to store files on multiple disks/computers, but for mass file upload/download/sharing its just not going to scale well
So it sounds suitable for Freenet, but not a live server environment like SMF.
-
hmm. Too bad there is not a specialized forum software for Tor yet. I2P and Freenet both support distributed forums, with Syndie for I2P and Frost for Freenet.
-
Even better would be a decentralized messaging system to replace Tormail. :)
Who admins a decentralized forum anyway? Do you create your own subforums and become the mod, kind of how IRC channels work?
-
I believe that it is more like a mailing list where you can select to send messages to a subset of your contacts, and to receive messages from or filter messages from whoever you like, with the messages presented in a threaded fashion. Actually it looks like Syndie does work with any anonymity network, although it was developed by the I2P people. The user interfaces for both frost and syndie are awful though, they both look like they would probably be a challenge for the average user to use.