Delivery-Date: Fri, 13 Feb 2015 06:48:20 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 11E941E0385
	for <archiver@seul.org>; Fri, 13 Feb 2015 06:48:19 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 51B71334DD;
	Fri, 13 Feb 2015 11:48:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 8512933375
 for <tor-talk@lists.torproject.org>; Fri, 13 Feb 2015 11:48:11 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id xTPAALNQWJoQ for <tor-talk@lists.torproject.org>;
 Fri, 13 Feb 2015 11:48:11 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 6074631D28
 for <tor-talk@lists.torproject.org>; Fri, 13 Feb 2015 11:48:11 +0000 (UTC)
Received: from berryeater.riseup.net (berryeater-pn.riseup.net [10.0.1.120])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id CD9DE40830
 for <tor-talk@lists.torproject.org>; Fri, 13 Feb 2015 11:48:07 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1423828087; bh=jaLjp73C8Jhimyrm+aO6qnvCfcFhHwYy4eN95EfMbuE=;
 h=Date:From:To:Subject:In-Reply-To:References:From;
 b=nlMT/Jp5FJZPjxM3rLYLI8Z6bqKV2KUJYpnLLTfr1m1wibI3BUm4Oy2VGtMkVn5T/
 l7aMtmgOecYPX1PH88F0OLKbRKtyqprtlGxRVuVBRO+dJ/x7mtWMuQ/R733zgDcLzy
 AieHtCw3YDd7fqKhorjprYQiMGFf+GUj/IjwP4DU=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: whonixqubes) with ESMTPSA id B1119400DD
MIME-Version: 1.0
Date: Fri, 13 Feb 2015 11:48:07 +0000
From: WhonixQubes <whonixqubes@riseup.net>
To: tor-talk@lists.torproject.org
In-Reply-To: <54DDBFBB.7010505@riseup.net>
References: <54DDA477.7080804@riseup.net>
 <54DDB5F3.9050300@confidantmail.org> <54DDBFBB.7010505@riseup.net>
Message-ID: <1a317b4e081206da46a918c3daf9ab64@riseup.net>
X-Sender: whonixqubes@riseup.net
User-Agent: Riseup mail
X-Virus-Scanned: clamav-milter 0.98.5 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Hidden Service (Nginx) setup guide
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi!

Nice to see more user friendly information on setting up hidden services 
being published. :)

I'm a maintainer of the Qubes + Whonix platform.

Correct that Whonix or Qubes + Whonix is not optimized for remote server 
configurations (but can be used if one has the resources and is a more 
advanced admin).

Although, noted as beyond the scope of Thomas' article, one potential 
downfall (which many will accept) is that even with some dynamic 
software-driven disablement of the server's networking upon intrusion 
detection, if malware gets in, then it can still get out by re-enabling 
whatever services are disabled.

So using a separate Gateway & Workstation for forcing even malware out 
through the Tor Gateway could be of great anonymity importance for some 
HS operators.

FYI: I'm writing a new user application on top of Qubes + Whonix this 
year, and am probably going to add in an easy point-and-click or fully 
automated Hidden Service setup at some point.

Also, with upcoming version R3, Qubes should be coming to KVM, etc, in 
the future, so it can be installed as an app onto other OSes and Qubes + 
Whonix will then hopefully be able to have a more minimal footprint on 
typical VPS or User systems.

Also, which many people here know, Hidden Services on user desktops has 
some interesting applications beyond web servers.

BTW, thanks for your personal support of Whonix! :)

WhonixQubes
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

