[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Guard selection time and expiry



On Tue, Jan 19, 2010 at 01:48:50PM -0500, Lexi Pimenidis wrote:
> Just a minor thought: could an adversary learn some significant from the
> atime/mtime/ctime of the file you store the information in? If so, it could
> be nice to have that obscured, too :-)

This is the state file, so we store other things in it, including a
header like:

# Tor state file last generated on 2010-01-19 16:07:20 local time
# Other times below are in GMT

The state file gets written pretty frequently, especially for clients
now that mikeperry's new "circuitbuildtime" counting is in place.

So file properties shouldn't give much away about the timing of guard
selection -- but that's because mtime instead gives away roughly when
you last ran Tor (!).

I'm not sure it's worth going down the rabbit-hole to fix the "when did
you last run Tor" leak though.

--Roger