| 1 |
I live in Poland. Tor hidden services will be located in FORPSI / Aruba |
| 2 |
Cloud VPS provider in Czech Republic data center. Is this provider good |
| 3 |
for hosting Tor hidden services? My threat model is school. If I would |
| 4 |
expect subponea, it's will probably about defamation or offense of |
| 5 |
religious feelings. I do not know much about the law. |
| 6 |
|
| 7 |
|
| 8 |
On 24/04/18 22:44, R0b0t1 wrote: |
| 9 |
> On Tue, Apr 24, 2018 at 2:10 PM, Hubert Hauser <hubot@××××.com> wrote: |
| 10 |
>> I want to run a few Tor hidden services. My home network is behind a |
| 11 |
>> carrier gateway NAT so I can't make server from Raspberry Pi. I consider |
| 12 |
>> run Tor hidden services on VPS. What do you think about it? Is cgNAT |
| 13 |
>> obstacle if I want to run Tor hidden services? |
| 14 |
>> |
| 15 |
> A hidden service listens to connections from a Tor daemon. The |
| 16 |
> recommended setup has both on the same machine, so the web service is |
| 17 |
> only accepting connections from the machine it is run on. It does not |
| 18 |
> need to be outwardly accessible. |
| 19 |
> |
| 20 |
> Tor will work even if you are behind NAT, assuming you do not run it |
| 21 |
> in a mode where it accepts Tor to Tor connections or Internet to Tor |
| 22 |
> connections. |
| 23 |
> |
| 24 |
> |
| 25 |
> Running a hidden service on a VPS, assuming you are not breaking the |
| 26 |
> laws in your jurisdiction, is likely the better idea. It will have |
| 27 |
> higher bandwidth and if an attacker succeeds in resolving its location |
| 28 |
> (which is possible to do and rather easy) they will get a datacenter, |
| 29 |
> not your neighborhood. |
| 30 |
> |
| 31 |
> If you are breaking laws in your jurisdiction of residence I would |
| 32 |
> highly recommend moving. Whether or not it is a better idea to |
| 33 |
> self-host in this case is a tossup. On one hand, if you self-host and |
| 34 |
> the authorities resolve your hidden service's location, they get you, |
| 35 |
> but you may have a chance to destroy evidence. On the other hand, if |
| 36 |
> you VPS-host and the authorities resolve your hidden service's |
| 37 |
> location, they may subpoena the datacenter and get your details and |
| 38 |
> also the information on the server. |
| 39 |
> |
| 40 |
> Cheers, |
| 41 |
> R0b0t1 |
| 42 |
> |
Archives