[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] secure and simple network time (hack)
>> Why don't we propose a clean solution for this time mess anyway?
> Is this that big of a deal? If a would be Tor user doesn't know
> what time it is and/or can't set their clock manually, they've got
> bigger issues to worry about.
> And given 90% of these users use windows, they're set via ntp by
> default (or rooted via other means) already.
Yes, it's a big deal. First time asked "System time in anonymity
oriented LiveCDs". 
We can't solve the problems with Windows and compromised Windows
machines. This solution is needed for pepole who really care about
security / anonymity. People who are interested in Tails, Liberte
Linux or aos.
These projects are interested in a solution. Setting time manually is
> In fact, since afaik Tor's entire trust is based on what the top
> level dir auths say,
There is a ticket from a Tor dev to change this.
> all other nodes besides auths likely have no need to consider
> time... just sigs. Even auths might not need to either... rather,
> just publish good timestamps for recordkeeping (exonerator, stats,
> etc) is all.
adversary controlled time skew can de-anonymize. Also read Steven J.
Murdoch's paper about clock skew. Good for introduction as well. 
> Last, is using Tails (or any OS for that matter) somehow going to
> get you more blocked than blocked (or dead than dead) than for
> already using Tor? Doubt it.
What do you want to say with more blocked than blocked? I doubt Tails
is dead given the number of users and dev activity.
tor-talk mailing list