[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)


adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
> To make our life even worse... Sorry... But not using NTP and only
> emmiting Tor traffic is also pretty clearly Tails. Because that puts
> you in the group of users "Uses Tor, nothing else, but does not use
> NTP? How many people act like this?". So you should at least emmit
> a fake NTP query (when others that usuaally do) and drop it.

This is indeed true for a non-shared public IP, and is mitigated to
some degree when sharing an IP (e.g. behind home router NAT,
concurrently with others non-Tails systems).

Looks like we'll need to think a bit more what kind of fingerprinting
resistance a system like Tails can reasonably pretend to at this scale.

(I'm re-adding the Cc to tails-dev, that was lost at some point.
Please don't drop it again.)

  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
tor-talk mailing list