Browse code

Link to blog post to document https hs issues

Sebastian Hahn authored on 11/02/2015 06:46:56
Showing 1 changed files
... ...
@@ -216,16 +216,20 @@
216 216
     Apache, and learn something about your operating system.</li>
217 217
     <li>If your computer isn't online all the time, your hidden service
218 218
     won't be either. This leaks information to an observant adversary.</li>
219
-    <li>It is generally a better idea to host hidden services on a Tor client 
219
+    <li>It is generally a better idea to host hidden services on a Tor client
220 220
     rather than a Tor relay, since relay uptime and other properties are
221 221
     publicly visible.</li>
222
-    <!-- increased risks over time -->
222
+    <li>The longer a hidden is online, the higher the risk that its
223
+    location is discovered. The most prominent attacks are building a
224
+    profile of the hidden service's availability and matching induced
225
+    traffic patterns.</li>
223 226
     </ul>
224 227
 
225
-    <hr>
226
-
227
-    <p>If you have suggestions for improving this document, please <a
228
-    href="<page about/contact>">send them to us</a>. Thanks!</p>
228
+    <p>Another common issue is whether to use HTTPS on your relay or
229
+    not. Have a look at this <a
230
+    href="https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs">post</a>
231
+    on the Tor Blog to learn more about these issues.
232
+    </p>
229 233
   </div>
230 234
   <!-- END MAINCOL -->
231 235
   <div id = "sidecol">
... ...
@@ -235,4 +239,4 @@
235 239
   <!-- END SIDECOL -->
236 240
 </div>
237 241
 <!-- END CONTENT -->
238
-#include <foot.wmi>  
242
+#include <foot.wmi>