[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

On Tue, Apr 16, 2013 at 01:03:27PM +0200, intrigeri wrote:
> Hi Jacob and Elly,
> Thanks for your answers! See more questions bellow.
> Jacob Appelbaum wrote (11 Apr 2013 06:56:18 GMT) :
> > Basically - tlsdate in Tails would be a minor set of users compared to
> > the much larger user base of ChromeOS.
> Sure.
> I doubt we can blend in this "anonymity" set, though: unless Tails
> wants to forever copy the set of hosts ChromeOS queries (which I don't
> think we would want to rely upon on the long run), then Tails' use of
> tlsdate will probably be fingerprintable at least by the ISP if the
> connections are made in the clear, so we probably would want to run
> tlsdate over Tor anyway.

Even if not, there are other easyish ways to distinguish a Chrome OS device,
such as the autoupdate behavior.

> So, I'm now considering this (tlsdate over Tor) to replace our use of
> htpdate, and not to replace our initial time guess based on the Tor
> consensus [1].
> [1] https://tails.boum.org/contribute/design/Time_syncing/#index3h1
> > I'd like to settle on a list of hosts that it uses by default which may
> > include a Google host or not. I haven't yet decided.
> OK.
> Jacob, are you interested in implementing something like our current
> multiple pool -based approach [2], or something else with similar
> security properties? If Tails wants to move to tlsdate some day,
> I guess a prerequisite would be not to lose the nice security
> properties this approach currently gives us.
> [2] https://tails.boum.org/contribute/design/Time_syncing/#index4h2
> Elly Fong-Jones wrote (08 Apr 2013 03:06:02 GMT) :
> > The (slightly outdated now) time-sources design doc is here:
> > <https://docs.google.com/a/chromium.org/document/d/1ylaCHabUIHoKRJQWhBxqQ5Vck270fX7XCWBdiJofHbU/edit>
> Elly, is this design doc correct that tlsdate queries
> clients3.google.com only in ChromeOS?


> (Given you implemented the multi-host feature, I'd be surprised that
> you don't use it, but I could not find what /etc/tlsdate/tlsdated.conf
> ChromeOS is using, so I don't know.)

We are supposed to be using it, but are not yet. Open bug :)

> Cheers,
> --
>   intrigeri
>   | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
>   | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

-- elly

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list