Trending December 2023 # Tor Connections To Hidden Services Could Be Easy To De # Suggested January 2024 # Top 16 Popular

You are reading the article Tor Connections To Hidden Services Could Be Easy To De updated in December 2023 on the website Hatcungthantuong.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested January 2024 Tor Connections To Hidden Services Could Be Easy To De

Identifying users who access Tor hidden services—websites that are only accessible inside the Tor anonymity network—is easier than de-anonymizing users who use Tor to access regular Internet websites.

One of Tor’s primary goals is to provide anonymity for Internet users. This is achieved by routing their Web traffic through a series of randomly chosen nodes or relays before passing it back onto the public Internet.

Internet servers that receive traffic from Tor users won’t see the real IP (Internet Protocol) addresses of those users. What they’ll see will be the IP addresses of randomly chosen Tor exit nodes.

The Tor hidden service protocol extends the anonymity protection to servers as well. It makes it impossible for users to see the real IP address of a server that runs a Tor hidden service, like for example, a website.

Anonymity is the coin of the realm

Hidden services use addresses that end in .onion, a pseudo top-level domain that doesn’t exist on the Internet and only resolves inside the Tor network. This anonymity protection for both servers and users makes hidden services attractive to political activists in countries where free speech is not well protected or where Internet surveillance is common, but also to criminals who use such websites to hide their activities from law enforcement.

That’s not the case with Tor hidden services and in fact attackers could quite easily and with 100 percent reliability take control of all the rendezvous points between Tor users and specific Tor hidden services, at least for a period of time.

Knowing who passes by

With this formula both a Tor client and a Tor hidden service should select the same 6 HSDirs on a particular day. However, the researchers found that they could use brute force techniques to generate the keys needed for their own nodes to take up those rendezvous positions for a specific day.

The researchers managed to place their own nodes as the 6 HSDirs for facebookcorewwwi.onion, Facebook’s official site on the Tor network, for the whole day on Thursday. They still held 4 of the 6 spots on Friday.

Brute-forcing the key for each node took only 15 minutes on a MacBook Pro and running the Tor relays themselves cost $62 on Amazon’s EC2 service.

For example, a government monitoring its Internet users through ISPs could use this attack to perform traffic analysis and determine who visited a dissident site hosted on Tor. A law enforcement agency could do the same with the help of ISPs to identify who is visiting an illegal website that runs as a Tor hidden service.

The goal of the two researchers was to prove that “hidden service users face a greater risk of targeted de-anonymization than normal Tor users,” because it’s much easier to reliably control all HSDirs for a specific hidden service than to control all Tor exit relays that might be used to access a website.

A fix in the works

There is a proposal for the next generation of hidden services that will address not only this problem, but also other potential issues, Sandvik said. In the meantime, the Tor developers have tools that can detect relays trying to attack users of Tor hidden services, she said.

A change in Tor that will be implemented soon will make it harder for new nodes to become HSDirs by forcing them to obtain a stable flag first, Valsorda and Tankersley said. This will require nodes to be online for a longer period of time before they can become HSDirs so it will make the attack more expensive, but not technically harder to pull off, they said.

While users can’t do much to defend themselves against this, the operators of Tor hidden services do have one option. They could use the attack themselves so that their own nodes will become HSDirs for their own hidden services.

They released the brute-force tool they created for the attack on Github, as well as a separate HSDir analysis tool that can potentially detect such attacks.

You're reading Tor Connections To Hidden Services Could Be Easy To De

Apple Watch Fall Detection Could Send Your Health Data To Emergency Services

Apple Watch Fall Detection has been credited with saving a number of lives, thanks to its ability to automatically call emergency services if it detects you falling and you don’t confirm that you’re ok.

But the feature could get even more sophisticated in future, with the ability to send comprehensive data to emergency services so they can get a sense of your condition before the ambulance arrives …

Patently Apple spotted the latest in a series of patents in which the Apple Watch builds on this capability, with the ability to send identification and health data as part of the audio message.

Apple goes further than this, and includes other identification and health data.

One aspect of the present technology is the gathering and use of data available from specific and legitimate sources to improve the ability of user devices to assist in emergency situations by making emergency calls on behalf of the user and providing valuable information to the recipients.

Apple contemplates that in some instances, this gathered data may include personal information data that uniquely identifies or can be used to identify a specific person. Such personal information data can include demographic data, location-based data, online identifiers, telephone numbers, email addresses, home addresses, data or records relating to a user’s health or level of fitness (e.g., vital signs measurements, medication information, exercise information), date of birth, or any other personal information.

Apple recognizes that the use of such personal information data, in the present technology, can be used to the benefit of users. For example, the personal information data (e.g., users health information, physical location, etc.) can be used to help emergency service responders and technicians to identify when a user needs medical attention and/or where the user is located. For example, information about previous health conditions of the user can help emergency services identify what type of medical attention is needed, and what type of technicians to send to the location of the user.

Health metrics that may be computed using the electrodes include, without limitation, heart functions (ECG, EKG), water content, body-fat ratios, galvanic skin resistance, and combinations thereof.

The Apple Watch doesn’t yet have sensors enabling it to gather all of this data, though we do expect additional sensors to be added over time. However, much of this data may already exist in the Health app. For example, if the casualty uses smart scales at home, the Health app may know things like their age, height, weight, BMI and body fat percentage.

This opens up the possibility of a very comprehensive automated briefing being given on 911 calls. For example, it might be something like this:

This is an automated emergency call on behalf of John Appleseed. John is a 38-year-old man who has had a hard fall, and is non-responsive. His current location is approximately 767 5th Ave, New York, NY 10153. John’s current heart-rate is 33 beats per minute. His normal resting heart rate is 42 beats per minute. John is five feet and 11 inches tall and weighs 168 pounds. His BMI is 23.5 and his body-fat is 22%, both within healthy ranges. He shows no sign of afib. John takes regular exercise, and the health data on his phone does not record any known medical conditions or medication. This message will repeat a further three times, with updated heart rate.

FTC: We use income earning auto affiliate links. More.

Nearby ‘Venus Twin’ Could Be Clue To Finding Inhabited Planets

In a solar system not so far away, an Earth-size planet orbits a small star. The planet is rocky like our own, but its average temperature is between 300 and 600 degrees Fahrenheit.

It’s not the nearest or the most Earthlike exoplanet, but it could help scientists track down potentially habitable planets in our galaxy.

Between A Rock And Deep Space

GJ 1132b is much too hot to be habitable–it orbits very close to its star and receives 19 times more stellar radiation than Earth. But unlike other rocky planets that have been spotted so far, scientists think this one could have an atmosphere.

Jonathan Fortney, who studies exoplanets at the University of Southern California and wasn’t involved in the current study, tells Popular Science that although scientists have studied the atmospheres of larger and gassier exoplanets, this could be a first for rocky planets.

Other rocky exoplanets have had temperatures of around 2,000 degrees or more, and their atmospheres cooked off. “They might lack atmospheres entirely,” Fortney says, “or have atmospheres made of vaporized rock…. [GJ 1132b] could be an important bridge in understanding how rocky planet atmospheres differ depending on planet temperature.”

The MEarth-South telescope array in Chile found planet GJ 1132b by watching its star for changes in brightness

A Close Neighbor

GJ 1132b is nearer to Earth than other rocky exoplanets, which will give us a clearer look at its mass and atmosphere. It orbits a star just 39 light-years away, compared to 127 light-years for its next closest analog.

The new exoplanet will also be easier to study than most because it orbits a star that’s one-fifth the size of our Sun. This will allow scientists to look at the planet and analyze its atmosphere with less “noise” from the star.

A Closer Look

If the planet has an atmosphere, it might be dominated by oxygen, nitrogen, and carbon dioxide. Probably all of its water will have boiled off.

Observations by the Hubble telescope could tell us more about the hypothetical atmosphere. And after the James Webb Telescope launches in 2023, it could provide a more comprehensive survey of the exoplanet’s atmospheric composition as well as its wind patterns.

“We think it’s the first opportunity we have to point our telescopes at a rocky exoplanet and get that kind of detail, to be able to measure the color of its sunset, or the speed of its winds, and really learn how rocky planets work out there in the universe,” said lead author Zachory Berta-Thompson in a press release.

Small stars like the one GJ 1132b orbits (called red dwarfs) are 12 times more common than stars like our own, and on average, each red dwarf has one or two planets that are around Earth-size. Because of their abundance, the paper notes, the closest habitable planet to Earth will likely orbit around a star like this. Which is why it’s important to learn as much as we can about them.

“This understanding will be important for the long-term goal of looking for life on planets orbiting nearby small stars,” the authors note.

Hotter Weather Could Be Changing Baseball

As average global temperatures continue to rise, America’s pastime could be entering the “climate-ball era.” A report published April 7 in the Bulletin of the American Meteorological Society found that since 2010, more than 500 home runs can be attributed to higher-than-average temperatures. These higher-than-average temperatures are due to human-made global warming.

While the authors of this study only attribute one percent of recent home runs to climate change, their study found that warmer temperatures could account for 10 percent or more of home runs by 2100, if emissions and climate change continue on their current trajectory.

[Related: What’s really behind baseball’s recent home run surge.]

“Global warming is not just a phenomenon that shows up in hurricanes and heat waves—it’s going to alter every aspect of how we live and play,” study co-author and doctoral candidate in geography at Dartmouth University Chris Callahan tells PopSci in an email. “Reducing human emissions of greenhouse gasses is the only way to prevent these effects from accelerating.”

This study primarily arose because Callahan, a huge baseball fan, was interested in any possible connections between climate change and home runs. “This simple physical mechanism—higher temperatures mean reduced air density, which means less air resistance to batted balls—had been proposed previously, but no one had tested whether it shows up in the large-scale data. It turns out that it does!” Callahan says. 

Callanhan and his team analyzed more than 100,000 Major League Baseball (MLB) games and 220,000 individual hits to correlate the number of home runs with the occurrence of unseasonably warm temperatures during the game. Next, they estimated how much the reduced air density that results from high air temperature was a possible driving force in the number of home runs on one given day compared to other games. 

Other factors, such as performance-enhancing drugs, bat and ball construction, and technology like launch analytics intended to optimize a batter’s power were also taken into account. While the team does not believe that temperature is the dominant factor in the increase in home runs, particularly because present day batters are primed to hit the ball at optimal angles and speeds, temperature does play a factor.

Increase in average number of home runs per year for each American major league ballpark with every 2 degree Fahrenheit increase in global average temperature. CREDIT: Christopher Callahan

The team particularly looked at the average number of home runs annually compared to every 2 degrees Fahrenheit increase in local average temperature at every MLB ballpark in the US. They found that the open-air Wrigley Field in Chicago would experience the largest spike (more than 15 home runs per season per 2 degree change), while Tampa Bay’s dome roofed Tropicana Field would stay level at one home run or less regardless of how hot it is outside the stadium. 

[Related: Will baseball ever replace umpires with robots?]

Night games lessened temperature and air density’s potential influence on the distance the ball travels, and covered stadiums would nearly eliminate the influence. Additionally, the study did not name precipitation as a factor, after all, most games are postponed or delayed. The number of runs per season due to temperature could be higher or lower depending on the conditions on each game day.

“I think it was surprising that the [heat’s] effect itself, while intuitive, was so clearly detectable in observations. As a non baseball fan, I was astounded by the data,” study co-author and geographer Justin Mankin tells PopSci. Mankin also noted that some next steps for this kind of research could potentially be looking into how wooden bats should change due to warming and how other ballistics based sports (golf, cricket, etc.) are affected by the increased temperature. 

While more home runs arguably makes for more exciting games, exposure to players and fans to extreme heat is a major risk factor that MLB and its teams will need to consider more frequently as the planet warms. 

“A key question for the organization at large is what’s an acceptable level of heat exposure for everybody and what’s the acceptable cost for maximizing home runs,” Mankin said in a statement. “Home runs are one pathway by which temperature is affecting game play, but there are other pathways that are more concerning because they have human risk attached to them.”

How To Keep Ssh Connections Alive In Linux

For those that need to work constantly on SSH, it can be very frustrating when the system cut you off after a period of time. This article shows you the method to keep SSH connection alive until you disconnect it.

Login to your remote system, or open the terminal in your own computer.

Open the /etc/ssh/ssh_config file.

sudo

nano

/

etc

/

ssh

/

ssh_config

and add the following line to the end of the file:

ServerAliveInterval

60

What this option does is to send a null packet to the server at every 60 seconds (of inactivity) to keep the SSH connection alive. You can experiment with the value, setting it to either higher or lower, depending on your system configuration. A value of 60 is a good starting point to start the experimentation.

Per user configuration

If you don’t have root access to the system or you just want to configure it for your personal account, you can edit the ~/.ssh/config file instead.

sudo

nano

~

/

.ssh

/

config

If the file does not exist, this will create a new file.

Add the following line:

Host

*

ServerAliveInterval

60

Press “Ctrl + o” to save and “Ctrl + x” to exit.

Lastly, restart the SSH server.

sudo

service

ssh

restart

That’s it.

Damien

Damien Oh started writing tech articles since 2007 and has over 10 years of experience in the tech industry. He is proficient in Windows, Linux, Mac, Android and iOS, and worked as a part time WordPress Developer. He is currently the owner and Editor-in-Chief of Make Tech Easier.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Sign up for all newsletters.

By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy. We will not share your data and you can unsubscribe at any time.

2023 Could Be The Year Of The Sandboxed App

It’s all thanks to the package manager. And while the trusty package manager has served as a centerpiece of Linux distributions for years, it has some serious shortfalls as well.

The problems with package managers

On top of that, there isn’t just one package manager. Package managers differ from one distribution to another, meaning that instructions for Fedora won’t completely translate into instructions for Ubuntu. Switching between distributions means learning a new package manager. It also means that what works for one system may not work the same on another.

Not only can it be tough for newbies to get it all right, but it’s also a pain for software vendors to distribute their programs. Just think of it: To distribute your program, you might have to repackage it as an RPM (Fedora), Deb (Ubuntu and Debian), or a chúng tôi (Arch and Manjaro), in addition to providing the source as a tarball (tar.gz).

Many software vendors simply pick one and leave it to package maintainers to do the rest. This creates an entire class of volunteers who spend a lot of energy repackaging software for their chosen Linux distribution. That’s a lot of extra work and testing. It’s little wonder that proprietary apps that are widely available on Windows and Mac aren’t always available on Linux. 

Simplifying distribution

Some smart folks realized that packaging software for Linux was a nightmare. To remedy this, there are a few new formats that have been worked on over the past year to simplify this.

Portable Linux applications aren’t exactly new. Container systems like Docker are popular among enterprise app developers and server administrators, but they aren’t really designed for the desktop user like you and me. The portable desktop systems package applications with all of the stuff the apps need to run (libraries, runtimes, etc). The portable app is then offered as a single-file download, that can be run without a lengthy unpacking and installation process.

This distribution method also promises added security, since each application can be run in relative isolation from the rest of the system. That means that a misbehaving email or malicious web script would have a harder time touching any of the data on the system outside of the app’s environment, or sandbox. In some cases, the application must be granted certain permissions to function properly. If you’ve ever had an Android app prompt you for permissions to your phone’s camera or storage, the idea is very similar.

The contenders

As with anything Linux, there’s never just one solution. Several people have come up with and worked on similar solutions, which means there are now another set of competing formats. There are three formats that are trying to address this problem: AppImage, Flatpak, and Snap.

AppImage is one of the earliest solutions, and first began development back in 2004 as a project named klik. AppImage allows users to download a single file, set it as executable, and run it without any installation. A library of AppImage apps does exist at JFrog Bintray, but some of the applications are a little old. The Chromium application, for instance, is a build from August 2023.

Canonical was early to the portable application game in 2023 when it introduced snaps with Ubuntu 16.04. Snaps are billed as being more secure and easier to install. To use snaps, you have to install the snapd daemon on your system. (Ubuntu users running 16.04 or newer already have snapd as part of their base install.) Snapd is available on most major distros, so you don’t have to be an Ubuntu or Mint user to make use of them. There’s also a good selection of snaps at the Ubuntu App Explorer website. It’s worth noting that Canonical is mixing server and desktop applications in its snappy ecosystem, which creates a little overlap with solutions like Docker.

Finally, there’s flatpak. Flatpak is a format developed by Red Hat that’s intended for desktop applications, and isn’t really intended for servers. Flatpak was “released” at the same time Fedora 25 hit the web in late November of 2023, and hasn’t had the time to accumulate a library of apps like Canonical’s snaps have. There are few applications available as flatpaks, but the collection is growing.

Works in progress

Making Linux applications portable is a bit of a new process, so not everything works perfectly just yet.

Canonical’s snaps lack support for SELinux on Fedora. In addition, both flatpaks and snaps rely on the additional security provided by the Wayland and Mir display servers. (A display server is what creates the canvas that your desktop is drawn on.) Unfortunately, most Linux systems still rely on the aging X11 (or chúng tôi server. While Fedora 25 shipped with Wayland as the system default server in November, the April release of Ubuntu 16.04 still used X11 (though you can install a Unity 8/Mir preview if you like).

AppImages don’t have any sandboxing or security built in at all. Instead, the user has to manually sandbox AppImages using the firejail application.

Another thing that needs a bit of tweaking is the user interface for these formats. AppImage files must manually be set as executable. It’s not hard to do, but can be an easy sticking point if the user doesn’t know they have to set the bit, or if they simply forget.

That little blue shield is your only hint that this version of Gedit is the flatpak one.

Flatpak versions of applications are available in GNOME Software if you’re running Fedora 25 or have flatpak installed. However, the only hint that an application is a flatpak in GNOME Software is a little blue icon showing that the app is sandboxed. 

Conclusion

Update the detailed information about Tor Connections To Hidden Services Could Be Easy To De on the Hatcungthantuong.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!