1 comment

[ 7.8 ms ] story [ 16.3 ms ] thread
This is a followup to " Deanonymizing Tor Circuits".[0] I added a comment there,[1] but I doubt that it'll get seen, unless someone searches.

From TFA:

> Vanguards help guard you from getting vanned...

> Even after deployment of the new v3 onion service protocol, the attacks facing onion services are wide-ranging, and still require more extensive modifications to fix in Tor-core itself.

> Because of this, we have decided to rapid-prototype these defenses in a controller addon in order to make them available ahead of their official Tor-core release, for onion services that require high security as soon as possible.

There's some informative discussion in this tor-dev thread.[2] And in particular, Mike Perry comments about the vanguards hack:[3]

> Yes, specifically vanguards always uses two guards and disables all path restrictions to mitigate info-leak route disclosure attacks like the above.

0) https://news.ycombinator.com/item?id=22212001

1) https://news.ycombinator.com/item?id=22253183

2) https://lists.torproject.org/pipermail/tor-dev/2020-February...

3) https://lists.torproject.org/pipermail/tor-dev/2020-February...