I am confused: is this seriously saying that over 30% of "hidden" services were being hosted on the server of one guy named Daniel?... that in a world where the entire point is that you don't know where anything is hosted and you are using tons of indirection through Tor to ensure there is no obvious place to hook all of the traffic or even see packets for timing attacks, it turns out there was a one in three chance that the traffic was being hosted by this one guy named Daniel?
No. That would be like someone taking GeoCities down in 1998 and claiming you took down 30% of "The Internet. You would have gotten a bunch of stuff, but obviously not 30%
At best they took down 30% of hidden web services with published addresses at aggregator sites like Hidden Wiki.
It's not that you don't know where its hosted, it's that you don't know who is using it or where they are. That includes publishers with hosted content, even from the host itself. 5Eyes couldn't just drop a tap in front of Danial's Host and see anything useful, just intermediate nodes with no idea what was on the other end. (barring a >51% attack where they own the first and last nodes in the circuit.)
Your second paragraph is not, in my understanding, the goal of a hidden service: that is merely the goal of Tor itself and would apply to a non-hidden service being accessed via Tor. The goal of the hidden services feature is to allow hosts to have the same level of anonymity as users, making it nearly impossible to shut them down or know where to tap their traffic (for timing attacks).
Onion services can have various goals. Hiding the server is a very common one, but it's not always the case.
For example facebook runs an onion server for their service, they don't need to hide the service itself. So they configure their Tor relays with no anonymity on the service side (HiddenServiceSingleHopMode 1) and get better performance.
Such non-anonymous onion services can have many goals, for example:
* Reducing load on Tor exit nodes
* Providing users a secure, authenticated connection without depending on the CA system (assuming you got the URL through a secure channel the first time, you know only the key holder can provide service on that host).
* NAT traversal for services that otherwise have no need for anonymity
> At best they took down 30% of hidden web services with published addresses at aggregator sites like Hidden Wiki
30% is wrong, but there are other ways these metrics [0] are extrapolated [1]. You can see a dip in that first chart, didn't check dates to see if related.
Don't confuse, and don't mix .onion domains or hidden services with web-sites running on a hidden service. If a hidden service exist, it don't have to be a website!
That 30% is clearly a gross estimation, and certainly a wrong one with no data to back it up. Still, even though it is definitely counter productive to host on a widely known host, it still does not expose any users, and that is the main point, not really protecting the host.
Genuinly curious: if you don't protect the host, how can you protect the users? Host has the power to change any content, including BTC addresses, text,...
Not if the content is cryptographically signed by the author, so at least some content can be served safely. I'm not sure if it's possible to have a dynamically generated website that encrypts or signs all content without having the signing key accessible to the host, though.
If you want to serve some content that's illegal and someone
a) offers you hosting, and
b) doesn't know who you are,
then you absolutely host there because it's zero risk to you.
This adds speculation and sensationalism on top of an ill informed article. They even defined it as a 0-day vulnerability, when it is obviously not the case as explained by the article itself. Can't simply trust the quality of the information in there.
