|
|
|
|
|
|
by cyphar
3740 days ago
|
|
|
> The security of the name lookup relies on the crypto, but even without secure name lookups an attacker would still have to break TLS to defeat HSTS. Which nobody enables for most websites because it's insane to pin your certificate if you're not Google. > Onionshare and Ricochet aren't widely used, scihub is still accessible over the clearnet. "clearnet" doesn't mean anything. Just because you can access it using DNS doesn't mean that the fact it has an onion address is irrelevant. Onion addresses provide several security benefits, and only one of them is "anonymity of the server". As for "not widely used", you appear to have redefined "only notable hidden services". Notable means "important" or "significant". I consider Ricochet to be quite significant. |
|
|
Why?
>"clearnet" doesn't mean anything. Just because you can access it using DNS doesn't mean that the fact it has an onion address is irrelevant.
I think it kind of does when you can just type in "facebook.com" instead of "facebookcorewwwi.onion" and receive a significantly faster browsing experience while not missing out on anything. That's what most users will do. Not only that, the onion is hardly documented (the only mention I could quickly find on facebook.com was in a blogpost!)
> Onion addresses provide several security benefits, and only one of them is "anonymity of the server".
I am well aware, none of which are worth the extra 3 hops.
>As for "not widely used", you appear to have redefined "only notable hidden services". Notable means "important" or "significant". I consider Ricochet to be quite significant.
Ricochet is experimental, unreviewed and nobody should really be using it for sensitive communications at this time.
And why is ricochet particularly significant? It's just glorified torchat, not bitcoin.