[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx, tails-dev@xxxxxxxx
Subject: Re: [tor-talk] secure and simple network time (hack)
From: intrigeri <intrigeri@xxxxxxxx>
Date: Fri, 05 Apr 2013 22:26:14 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 05 Apr 2013 16:26:54 -0400
In-reply-to: <50089CE0.5080501@xxxxxxxxxxxxx> (Jacob Appelbaum's message of "Thu, 19 Jul 2012 23:48:48 +0000")
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4F42AD50.4050807@xxxxxxxxxxxxx> <85sjgwz3kw.fsf@xxxxxxxx> <85629l4rne.fsf@xxxxxxxx> <50089CE0.5080501@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

Hi,

Jacob Appelbaum wrote (19 Jul 2012 23:48:48 GMT) :
> intrigeri:
>> So, Jake tells me that ChromeOS will use tlsdate by default, and that
>> this should solve the fingerprinting issue. Therefore, I assume this
>> implicitly answer the (half-rhetorical, I admit) question I asked in
>> March, and I assume there is indeed some fingerprinting issue. So, in
>> the following I'll assume it's relatively easy, for a close network
>> adversary (say, my ISP) to detect that I'm using tlsdate.
>> 

> It isn't shipping yet, so we'll see what happens.

I'm told ChromeOS ships it nowadays, so I'm excited at the idea to
learn more about it, so that we can move forward a bit about the
fingerprinting issue.

I was not able to find any authoritative information about how they
run it. Their time sources [1] design doc is quite clearly outdated.
Where can I find up-to-date information on this topic? I assume one of
the dozens of Chromius Git repositories [2], but which one?

[1] http://www.chromium.org/developers/design-documents/time-sources
[2] http://git.chromium.org/gitweb/

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] secure and simple network time (hack)
  - From: Gregory Disney
- Re: [tor-talk] [Tails-dev] secure and simple network time (hack)
  - From: Jacob Appelbaum

Prev by Author: Re: [tor-talk] ExcludeEntryNodes
Next by Author: Re: [tor-talk] [Tails-dev] secure and simple network time (hack)
Previous by thread: [tor-talk] problems with the update
Next by thread: Re: [tor-talk] secure and simple network time (hack)
Index(es):
- Author
- Thread