[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] secure and simple network time (hack)
grarpamp:
>> Why don't we propose a clean solution for this time mess anyway?
>
> Is this that big of a deal? If a would be Tor user doesn't know
> what time it is and/or can't set their clock manually, they've got
> bigger issues to worry about.
>
> And given 90% of these users use windows, they're set via ntp by
> default (or rooted via other means) already.
Yes, it's a big deal. First time asked "System time in anonymity
oriented LiveCDs". [1]
We can't solve the problems with Windows and compromised Windows
machines. This solution is needed for pepole who really care about
security / anonymity. People who are interested in Tails, Liberte
Linux or aos.
These projects are interested in a solution. Setting time manually is
really inconvinient.
> In fact, since afaik Tor's entire trust is based on what the top
> level dir auths say,
There is a ticket from a Tor dev to change this.
> all other nodes besides auths likely have no need to consider
> time... just sigs. Even auths might not need to either... rather,
> just publish good timestamps for recordkeeping (exonerator, stats,
> etc) is all.
Time is important. Since (for example) javascript can read it, an
adversary controlled time skew can de-anonymize. Also read Steven J.
Murdoch's paper about clock skew. Good for introduction as well. [2]
> Last, is using Tails (or any OS for that matter) somehow going to
> get you more blocked than blocked (or dead than dead) than for
> already using Tor? Doubt it.
What do you want to say with more blocked than blocked? I doubt Tails
is dead given the number of users and dev activity.
[1]
https://lists.torproject.org/pipermail/tor-talk/2011-January/008849.html
[2] https://tails.boum.org/contribute/design/Time_syncing/
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk