
Man, why do people insist on using others to host their tor hidden services? It seems like the last thing you'd want or need to do. It's super simple to set up a hidden service from your home computer and host. I've been putting all my clear web sites on tor as well for years. Lots of bot traffic but never any problems and plenty of real traffic too.


The same reason people host their emails, websites, photos somewhere else or host their infrastructure in the cloud instead of colocating. It’s not hard but just another thing you have to care for when your real focus should be on what you provide not how you provide it.


If secrecy/anonymity is important enough to put something on the dark web, using the same assumptions as you might on the public internet is silly.


People are silly. We look for silver bullets all the time. Political figureheads who look and sound good while lacking any depth, moustache-twirling villains to blame the bad times on, silly rituals which start because they accidentally coincided with good times, investment bubbles, and hubris followed by victim blaming.

There’s nothing which would cause an otherwise competent business leader to even realise they don’t understand the limits of any given security system, never mind knowing who to ask for advice.


I mean you should have some focus on how you provide your service. By all means, take advantage of services that make your life easier, but you should at least know how they work on a high level should they ever go down and you need to take more ownership of what you provide.


If you have something that you want to be hidden you most likely don't want it to be found in your apartment.


Maybe because they lack the expertise to do it right?

Especially, they arguably lack the expertise to do remote hosting right. Also, as spurgu says, because they don't want stuff hosted locally. And if they thought it through, they wouldn't want the traffic back to their location.

Given all that, they arguably figure that these shared-hosting sites must know what they're doing.


How do you anonymously host a service from your home computer? I'm new to all this.

I also checked out your site. I hope to be at your level of expertise one day.


Onion (née hidden) services are easily hosted from any computer, even behind a NAT/ISP due to how it publishes its descriptor and relies on reachable relays for rendezvous. It's easy with the Tor executable and a torrc file, there are plenty of guides out there.

Even though you're new to all this, for others wanting to do this programmatically, there is Stem for Python and I've written one for Go [0]. It's such an easy self-hosting NAT traversal technique, I'm surprised it's not used more often in situations not requiring great bandwidth/latency (e.g. p2p chat).

0 - https://github.com/cretz/bine
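The torrc half of "the Tor executable and a torrc file", as an added example that is not part of the comment above or of the bine project. The directory path and the backend port 8080 are assumptions; the option names are Tor's own.

```text
# Minimal v3 onion service for an existing local web server.
# Added example; the directory and port are assumptions.
HiddenServiceDir /var/lib/tor/my_service/
HiddenServiceVersion 3
# Virtual port 80 on the .onion side is forwarded to a listener on loopback.
HiddenServicePort 80 127.0.0.1:8080
```

After tor starts it writes the address to `hostname` and the signing key to `hs_ed25519_secret_key` inside `HiddenServiceDir`; the address is derived from that key, so whoever holds the key owns the name. The backend must listen on 127.0.0.1 only: a server that also binds 0.0.0.0 serves the same content on the machine's public IP and links the two trivially, and an ISP/NAT is no obstacle because the service only makes outbound connections to the Tor network.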


Inexpertly hosting onion services on your own premises, particularly if you're doing so out of a real fear of getting found out, is not recommended.

Talk to the Dread Pirate Roberts next time he's in the neighbourhood.


OnionShare is a good choice.[0]

However, Tor is vulnerable to traffic analysis. And when you run a server, adversaries can easily modulate/fingerprint the traffic, which facilitates traffic analysis. If you can see the signal, and have taps on major AS, you can drill down to the server.

0) https://onionshare.org/


A way I would pinpoint a hidden server would be to monitor different data center regions / networks for outages or congestion, while at the same time looking at the hidden server's ping reply. The response times alone can reveal a lot of information. Once I have the data center, I'm sure the data center admins can see which servers are using Tor, and help with pinpointing it further. No need for taps.


Yeah, that too :(

One can route Tor traffic for .onion servers through VPNs, or even through nested VPN chains. That makes it a little harder, because the hosting provider can't easily tell that it's Tor traffic. Also, one can run a private obfsproxy, which isn't listed or indexed by Tor.


"Tor Hidden Services" are services hosted on the tor network and inaccessible outside it.

Hosts are assigned a DNS name <id>.onion so clients can connect to that service.


OK, I'm being picky, I know. But the .onion hostname has no relation to DNS. It's just the hash of the site's private key, truncated to 16 characters.


To be more picky, it's the SHA-1 hash of the public key, truncated to 10 bytes, then base 32'd which makes 16 chars. That's only for v2, v3 is a bit different.


Damn, thanks :)

I'd forgotten that :(

And yes, v3 is a huge space. That is, several orders of magnitude larger than the IPv6 space. Which is itself humongous.

Edit: Oops. Got that very wrong. Onion v3 is orders of magnitude greater than IPv6 /64. But orders of magnitude less than IPv6 overall. It's like this, I think.

onion v2: ~1.84×10^19 [16^16]

IPv6 /64: ~1.84×10^19 (which is why OnionCat works)

onion v3: ~9.35×10^27 [56^16]

all IPv6: ~3.40×10^38


For anyone curious, v3 is the 32-byte ed25519 pub key, then the first two bytes of the SHA3-256 hash of the key (w/ prepended fixed string and one byte appended), then one more const byte, and then all of those 35 bytes are base 32'd to make 56 chars. Some Go code to illustrate: https://github.com/cretz/bine/blob/f33268f0843a1b2b131a4cacf.... One benefit being that the entire pub key is right there in the hostname.
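The v2 and v3 derivations described in the two comments above, as an added example in Python that is not code from either commenter or from bine. The public keys fed in are constructed placeholder bytes (a real v2 input is the DER-encoded RSA-1024 public key, a real v3 input the 32-byte ed25519 public key); the `.onion checksum` prefix string and the version byte 0x03 are the ones the v3 format uses. The parser also shows the payoff of having the whole key in the hostname: a client can check the address's own checksum and version before it ever talks to the network.

```python
import base64
import hashlib

ONION_V3_VERSION = b"\x03"
ONION_V3_CHECKSUM_PREFIX = b".onion checksum"
BASE32_ALPHABET = set("abcdefghijklmnopqrstuvwxyz234567")


def onion_v2_address(der_public_key: bytes) -> str:
    """v2: base32(SHA-1(DER public key)[:10]) -> 16 characters."""
    digest = hashlib.sha1(der_public_key).digest()[:10]
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"


def _v3_checksum(ed25519_pubkey: bytes) -> bytes:
    # First two bytes of SHA3-256(".onion checksum" || pubkey || version).
    h = hashlib.sha3_256(ONION_V3_CHECKSUM_PREFIX + ed25519_pubkey + ONION_V3_VERSION)
    return h.digest()[:2]


def onion_v3_address(ed25519_pubkey: bytes) -> str:
    """v3: base32(pubkey[32] || checksum[2] || version[1]) -> 56 characters."""
    if len(ed25519_pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = ed25519_pubkey + _v3_checksum(ed25519_pubkey) + ONION_V3_VERSION  # 35 bytes
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def parse_onion_v3_address(address: str) -> bytes:
    """Validate a v3 address offline and return the embedded public key.

    Raises ValueError when the length, base32 alphabet, version byte or
    checksum is wrong, so a typo or a tampered address is caught before
    any descriptor lookup is attempted."""
    label = address.strip().lower()
    if label.endswith(".onion"):
        label = label[: -len(".onion")]
    if len(label) != 56:
        raise ValueError("v3 onion address must be 56 base32 characters")
    if not set(label) <= BASE32_ALPHABET:
        raise ValueError("address contains characters outside the base32 alphabet")
    raw = base64.b32decode(label.upper())  # 56 chars * 5 bits = 35 bytes, no padding
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_V3_VERSION:
        raise ValueError("unexpected onion address version byte")
    if checksum != _v3_checksum(pubkey):
        raise ValueError("checksum mismatch")
    return pubkey


if __name__ == "__main__":
    # Constructed placeholder keys, not real Tor keys.
    fake_der_rsa_key = b"constructed DER bytes standing in for an RSA-1024 public key"
    fake_ed25519_pubkey = bytes(range(32))
    print("v2:", onion_v2_address(fake_der_rsa_key))
    v3 = onion_v3_address(fake_ed25519_pubkey)
    print("v3:", v3)
    print("recovered key matches:", parse_onion_v3_address(v3) == fake_ed25519_pubkey)
```

Because the address is a function of the key alone, losing the key to a hosting provider means exactly what a later comment says: a backup of the site content restores the pages, but not the name.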


Absolutely fine to be!

I actually gave it a quick thought that I was curious how the hostnames were assigned but posted right before bed.


Hey :)

Many would love having DNS for .onion addresses. And there's been much talk of a .onion domain.


Is it not fairly trivial to link that to you? How can you make it anonymous?


In normal Tor usage, the client sends a request through three chosen hops, each of which only knows the previous and next hops, so the entry node doesn't know the destination and the exit node doesn't know where the request originated. But this only hides the client, because the client needs to know the server's address to direct the exit node where to send the request. So to hide the server, there is a symmetrical setup with three extra hops on the server's side, and a published "rendezvous" address in the middle. So the server connects to the rendezvous without revealing its real IP, and the client can direct requests to the rendezvous without knowing the server's IP.


^ is the most informative comment in the whole thread.

So by 'hosting' they mean being the rendezvous address?


If I'm reading this right, it actually hosted the websites but its IP address was hidden. I don't know if each site maybe got its own IP on the host, because after all I'd think it would be trivial for a customer to upload some code to unmask the host's actual IP. https://web.archive.org/web/20170830191551/https://hosting.d...


If the .onion host is competent, they use iptables to restrict output to the Tor process.


No, by "hosting" they mean shared hosting, with multiple .onion sites on one physical server.

Each of those .onion sites would have its own Tor entry guard relays, and would negotiate its own rendezvous points. An .onion service, just like a Tor user, selects a few entry guards that it uses consistently. And gradually replaces with new ones, over some weeks. But rendezvous points get picked fresh for each client-server connection.


Only if you're omniscient in the network. No single node knows what traffic it's carrying, or that the next node the traffic is meant to be sent to is the final one.


"Web services" are hosted on the internet and inaccessible outside it.

"Chat lines" are hosted on telephone networks and inaccessible outside it.


If you're hosting illegal content, traffic analysis could be used to catch you.


Only illegal content? Of course the legality of the content could vary quite a lot, a Falun Gong[1] site would be 100% legal in Canada, and 100% illegal in the PRC.

1: https://en.wikipedia.org/wiki/Falun_Gong#Persecution


Isn't it extremely obvious that getting someone else to hold the bag for you reduces your own risk?


Security has many different parts and objectives, and it depends on the exact use case. If someone is hosting information on a public website they likely do not care about confidentiality, and they can already have a setup for backups. In that case all they might want from a host service is uptime and by using tor they get .

Naturally there are still risks with using a hosting service even when all information is intended to be public. The owner might change the content (integrity of the data), and it might be removed (denial of service), which is a trade-off for the convenience of not having to host it yourself and the uptime of 24/7 servers.


It’s not super simple to safely and securely host a hidden service. Not at all.


It's about as simple to host a website on tor as it is on the clear web. As a benefit you actually own your domain name instead of leasing it on the whim of some third party subject to external countries' laws and political/social pressures.

Plus it has built in side-effect anti-DOS properties so no need to centralize through companies like cloudflare.

There's huge benefits to hosting on tor even if it's just a regular website. None of my websites hosted on tor are illegal in my country.


Why not? Just keep a backup like any sane individual.


Yes, site owners should have maintained backups.

But even with backups, the .onion private key has been compromised, so you can't come back with the same .onion address.



