nihilist - 00 / 00 / 00

SRVNAME Setup

High Availability and anonymity

The concept of high availability is omnipresent in centralized services. One expects their ISP to provide internet access, their email provider to give them 100% uptime whenever they want to send an email and so on.
High-availability, the ability to provide high-uptime infrastructure, also has far-reaching implications for OPSEC practitioners. When an adversary wants to collect information such as physical location behind a hidden service, depending on their power they will use downtime as an indicator in order to progressively narrow the pool of potential service location until they can act decisively against the remaining suspects.

nihilist - 00 / 00 / 00

SRVNAME Setup

Threat model

In order to understand how high availability, or lack thereof, impacts our security posture me must first define the skills and abilities of our adversary. For this tutorial the adversary has the following attributes:

Ability to monitor the hidden service status and know rapidly if it goes offline
Ability to directly tamper with either the power grid or the internet infrastructure with high granularity (DSLAM level, which could be a small town or a group of city blocks)
Ability to monitor the effects of tampering or incidents impacting the power grid or the internet infrastructure

A concrete example of such an adversary would be law enforcement and government agencies.

Initial Setup

Setup

Nihilism

Until there is Nothing left.

Creative Commons Zero: No Rights Reserved

My Links

RSS Feed
SimpleX Chat

About nihilist

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8

Contact: nihilist@contact.nowhere.moe (PGP)