Open PeterTonoli opened 8 years ago
s-rah
commented
8 years ago Great Idea. Given the nature of the tool, the default should be any network connections use the Tor Proxy. Not sure where to capture these kind of things yet, probably in a CONTRIBUTORS.md file for designing new features.
laanwj
commented
7 years ago As hidden services may be scanned by onionscan, possibly even by the owners of hidden services
Good point. I think it would be wise to put any access to centralized external services behind an option that is disabled by default, and otherwise access them over Tor. Even when querying over Tor, e.g. Shodan her host*, as well as possibly routers along the way, would learn that certain key fingerprints are being queried, which is an information leak. Not as bad as a query from a direct IP of course but it's something to mind.
(* I've heard that at least some of the bitcoin block explorers, that allow for querying addresses and transaction IDs, keep track of what is requested and by whom)
s-rah
commented
7 years ago +1 disable by default.
There have been discussions and suggestions in #3 and #6 for using external services such as Tineye and Shodan for comparing fingerprints collected. As hidden services may be scanned by onionscan, possibly even by the owners of hidden services, to prevent the chances of correlation between scanners and sites, all IP accesses using onionscan should have the option of being accessed through an anonymising service.