
The Vanguards Onion Service Addon - mirimir
https://github.com/mikeperry-tor/vanguards
======
mirimir
This is a followup to " Deanonymizing Tor Circuits".[0] I added a comment
there,[1] but I doubt that it'll get seen, unless someone searches.

From TFA:

> Vanguards help guard you from getting vanned...

> Even after deployment of the new v3 onion service protocol, the attacks
> facing onion services are wide-ranging, and still require more extensive
> modifications to fix in Tor-core itself.

> Because of this, we have decided to rapid-prototype these defenses in a
> controller addon in order to make them available ahead of their official
> Tor-core release, for onion services that require high security as soon as
> possible.

There's some informative discussion in this tor-dev thread.[2] And in
particular, Mike Perry comments about the vanguards hack:[3]

> Yes, specifically vanguards always uses two guards and disables all path
> restrictions to mitigate info-leak route disclosure attacks like the above.

0)
[https://news.ycombinator.com/item?id=22212001](https://news.ycombinator.com/item?id=22212001)

1)
[https://news.ycombinator.com/item?id=22253183](https://news.ycombinator.com/item?id=22253183)

2) [https://lists.torproject.org/pipermail/tor-
dev/2020-February...](https://lists.torproject.org/pipermail/tor-
dev/2020-February/014146.html)

3) [https://lists.torproject.org/pipermail/tor-
dev/2020-February...](https://lists.torproject.org/pipermail/tor-
dev/2020-February/014154.html)

