Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> The next logical step after this blog post is making your services accessible to your phone over the public net. You'll immediately find yourself mired in domain name registration, VPS management, TLS cert management, dyndns, port forwarding, hole punching, etc etc.

You'll need don't need any of that with Onion Services. Tor does not only anonymize, but offers easily configurable services with NAT punching, an .onion Domain and e2e crypto for free. And setting them up is easy enough https://community.torproject.org/onion-services/setup/

You'll just need tor or a tor browser to access those services, but that shouldn't be a problem for many self-hosting setups



Isn't tor exceptionally slow though? I haven't used it in a few years - has anything changed?


Most slowness comes from exit nodes which you don't need to access onion services. There're also single-hop onion services, which should be a bit faster while sacrificing server anonymity if i understand correctly


Is there a safe service I can try out to see how fast it can potentially be?


Depends on your definition of "safe", but there's an official Onion service for Facebook for example: http://facebookcorewwwi.onion


You can watch videos on it fine these days - though I wouldn't recommend, for social ethical reasons, using it for streaming movies/music off your personal server.

Unless of course, you are running a node.


It is. It's not practical for this use-case.


It’s slow, with NSA hunting at exit nodes.


Exit nodes aren't used if one connects to an onion service.

And for all we know, the NSA snoops traffic at all major internet exchanges, so tor exit nodes might get extra attention, but so do e.g. people who's search history suggests they might be sysadmins (if i remember reports on xkeyscore selector correctly)


If this idea sounds great but the Tor part is a bit much for you, have a look at tailscale.com

It sets up WireGuard (also feat. NAT hole punching) in a mesh between your devices. You can static route things to it using standard firewalling/iptables/etc if you feel the need too.

It's basically having a LAN but you're on the LAN even when you're not at home.

Edit: Hahaha. I discovered Tailscale myself through this thread, left the tab open..


Wow that is interesting, never thought about this usecase for Tor before, that looks like a fun project to figure out




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: