During my research about Tor Hidden Services, improved security and anonymity I have found an interesting article, written in 2010, with the name Serve an anonymous shell via Tor.
It describes how to offer services in a FreeBSD VirtualBox instance, with encapsulated services in Jails (see image). By introducing multiple security layers and running the Tor hidden service on the host machine, outside VirtualBox, an attacker has to break out from the FreeBSD Jail and the VirtualBox instance, in order to get access to the hidden service private key and other data on the host. Another positive side-effect is, that the offered service sees the same internal IP address for each client.
By reproducing the architecture of the article I was able to host two services on my laptop. The first is a basic web server with static html. It is used to describe the second service, an IRC server. You may ask why I want to host a full IRC server on my laptop, how users can connect to it and who these users are. First of all, a Tor Hidden Service allows me to circumvent local firewalls and NATs. Additional the .onion domain does not change, no matter where I am. This makes it possible to host services on-the-go, without worrying about the local network structure, nor about changing IPs.
Lets analyse the properties of this setup and what advantages they have:
- Location Transparency: No matter where I am with my laptop I can always offer the same services, with the same endpoints aka. .onion domains. The same is possible with dynamic DNS, but only if the laptop has a public IP and/or ports are forwarded to this machine, if behind NAT or firewalls.
- Offering services from everywhere: As mentioned in the previous entry, NAT and firewalls are a problem. Without changing the settings, it is not possible to expose services to the outside world. This may be feasible, but not necessary desired, for home networks, but completely unfeasible in public places, like universities, airports and other public wireless hotspots. Tor Hidden Services solve this problem.
- Increased protection of the host machine: Offering a service to the outside world poses always a thread, especially if hosted on a private machine. By encapsulating it into multiple layers of virtualization and by taking other security measurements this thread could be minimized.
- Anonymity for all parties: It is desirable to hide the own location from the clients. In difference to services hosted by servers, our service location changes frequently and is related to physical location of the service host.
- Only temporary online: Another difference to servers, my laptop is not 24/7 online. That is not really a problem for a private communication network. The same way as I am offline in other instant messaging services, the service is offline too. This property could maybe used to build a network of temporary services in a decentralized, anonymous and secure way, where everybody controls the own data.
I have chosen to offer an IRC server for my personal correspondence with my friends. That is mainly a personal preference (I like the simplicity and beauty of the protocol). Feel free to host a mobile Jabber (XMPP) server or any other service that you can think of. Don’t forget to protect your communication by using Off-the-Record or OTR encryption and all other measurements that you can think of.
Please let me know in the comments what you think about these mobile, decentralized, anonymous services. How would you use them? Do you know how to improve them?