[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] secure and simple network time (hack)
From: intrigeri <intrigeri@xxxxxxxx>
Date: Sat, 21 Jul 2012 03:32:49 +0200
Cc: tails-dev@xxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 20 Jul 2012 21:32:27 -0400
In-reply-to: <5007025E.50101@xxxxxxxxxx> (adrelanos@xxxxxxxxxx's message of "Wed, 18 Jul 2012 18:37:18 +0000")
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4F42AD50.4050807@xxxxxxxxxxxxx> <85sjgwz3kw.fsf@xxxxxxxx> <85629l4rne.fsf@xxxxxxxx> <5007025E.50101@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

Hi,

adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
> To make our life even worse... Sorry... But not using NTP and only
> emmiting Tor traffic is also pretty clearly Tails. Because that puts
> you in the group of users "Uses Tor, nothing else, but does not use
> NTP? How many people act like this?". So you should at least emmit
> a fake NTP query (when others that usuaally do) and drop it.

This is indeed true for a non-shared public IP, and is mitigated to
some degree when sharing an IP (e.g. behind home router NAT,
concurrently with others non-Tails systems).

Looks like we'll need to think a bit more what kind of fingerprinting
resistance a system like Tails can reasonably pretend to at this scale.

(I'm re-adding the Cc to tails-dev, that was lost at some point.
Please don't drop it again.)

Cheers!
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] secure and simple network time (hack)
  - From: adrelanos

References:
- Re: [tor-talk] secure and simple network time (hack)
  - From: intrigeri
- Re: [tor-talk] secure and simple network time (hack)
  - From: adrelanos

Prev by Author: Re: [tor-talk] secure and simple network time (hack)
Next by Author: Re: [tor-talk] secure and simple network time (hack)
Previous by thread: Re: [tor-talk] secure and simple network time (hack)
Next by thread: Re: [tor-talk] secure and simple network time (hack)
Index(es):
- Author
- Thread