Security design

Read :ref:`how_it_works` first to get a handle on how OnionShare works.

Like all software, OnionShare may contain bugs or vulnerabilities.

What OnionShare protects against

Third parties don’t have access to anything that happens in OnionShare. Using OnionShare means hosting services directly on your computer. When sharing your files with OnionShare, they are not uploaded to any third-party server. If you make an OnionShare chat room, your computer acts as a server for that too. This avoids the traditional model of having to trust the computers of others.

Network eavesdroppers can’t spy on anything that happens in OnionShare in transit. The connection between the Tor onion service and Tor Browser is end-to-end encrypted. This means network attackers can’t eavesdrop on anything except encrypted Tor traffic. Even if an eavesdropper is a malicious rendezvous node used to connect the Tor Browser with OnionShare’s onion service, the traffic is encrypted using the onion service’s private key.

The anonymity of OnionShare users is protected by Tor. OnionShare and Tor Browser protect the anonymity of the users. As long as the OnionShare user anonymously communicates the OnionShare address with the Tor Browser users, the Tor Browser users and eavesdroppers can’t learn the identity of the OnionShare user.

If an attacker learns about the onion service, they still can’t access anything. Prior attacks against the Tor network to enumerate onion services allowed attackers to discover private .onion addresses. To access an OnionShare service from its address, the private key used for client authentication must be guessed (unless the service is already made public by turning off the private key – see Turn Off Private Key).

What OnionShare doesn’t protect against

Communicating the OnionShare address and private key might not be secure. Communicating the OnionShare address to people is the responsibility of the OnionShare user. If sent insecurely (such as through an e-mail message monitored by an attacker), an eavesdropper can tell that OnionShare is being used. Eavesdroppers can access services that are still up by loading their addresses and/or lost key in the Tor Browser. Avoid this by communicating the address securely, via encrypted text message (probably with disappearing messages enabled), encrypted e-mail, or in person. This isn’t necessary when using OnionShare for something that isn’t secret.

Communicating the OnionShare address and private key might not be anonymous. Extra precaution must be taken to ensure the OnionShare address is communicated anonymously. A new e-mail or chat account, only accessed over Tor, can be used to share the address. This isn’t necessary unless anonymity is a goal.