[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How to set time.



Watson Ladd wrote:
Niels Elgaard Larsen wrote:

On the other hand it would work better for eg. TOR browser bundle.
It would enable an entry guard to give a different time to a client, and
 so distinguish that client's connections to sites of interest via
protocols that use a timestamp sent in the clear.

Yes, that was why i suggested only using it to set the time zone by changing the clock a number of hours.

Using an average of three entry-nodes could also work. Maybe add a little random time.

Because what is the alternatives for setting time?

GPS or DCF77 would be good, but requires hardware.

Having users setting it from other sources would work, but not is very user friendly. Especially on a live-cd where we do not even know the local timezone, we would have to let the user also input the timezone or ask what time it is in London now.

NTP is an option, but if used without authentification it also opens up for the attack you described. For an organization or a country controlling an entire network it would be easy to change timestamps in flight. NTP is even worse because you could change the clock many times during a session. And which NTP-servers with authentification would you use?