Without understanding details of the tor design, did you mention that tor knows the "real" time? So why dont you let tor set the right time. There could be a torrc setting like "when connecting to tor set system time according what tor says". This would enforce to run tor as root, not as unprivileged user, but this is a Live system, so this might be no problem(?). Would this be a nice tor extension to help the LiveCD users? Kind Regards Thomas Am Montag 03 Januar 2011 schrieb anonym: > Hi list, > > One issue for anonymity-oriented LiveCDs (such as T(A)ILS[1] and Liberté > Linux[2]) is the system time. Tor requires a reasonably correct system > time, otherwise no circuits will be opened. This is a major problem for > these LiveCDs since they generally route all traffic through Tor > transparently (using netfilter/iptables and the like) so no Tor circuits > implies no network access for the user. > > The obvious fix might seem to be to run something like NTP before Tor > starts, but since NTP isn't authenticated at the moment[3] an adversary > could intercept the NTP sync and force a crafted time on the user which > later can be used to fingerprint the user if s/he uses some > protocol/application which leaks system time. Hence NTP is out of the > question. > > Liberté Linux has a novel solution to this problem[4] -- it sets the > system time according to the Tor consensus' valid-after/until values, > which essentially removes Tor's time skew check. We T(A)ILS developers > are tempted to implement the same solution, but first we'd like to ask > here if this is safe, or if it opens up for any unexpected type of > attacks or problems. > > If any one has a completely different solution for the system time issue > we're very interested in hearing that out as well. > > Cheers!
Attachment:
signature.asc
Description: This is a digitally signed message part.