[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)

To: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Subject: Re: [tor-talk] secure and simple network time (hack)
From: intrigeri <intrigeri@xxxxxxxx>
Date: Sat, 21 Jul 2012 03:53:18 +0200
Cc: tor-talk@xxxxxxxxxxxxxxxxxxxx, tails-dev@xxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 20 Jul 2012 21:52:53 -0400
In-reply-to: <50089CE0.5080501@xxxxxxxxxxxxx> (Jacob Appelbaum's message of "Thu, 19 Jul 2012 23:48:48 +0000")
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4F42AD50.4050807@xxxxxxxxxxxxx> <85sjgwz3kw.fsf@xxxxxxxx> <85629l4rne.fsf@xxxxxxxx> <50089CE0.5080501@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

Hi,

Jacob Appelbaum wrote (19 Jul 2012 23:48:48 GMT) :
> The key difference with htpdate is that one has a cryptographic
> signature. I'll take a subset of possible MITM attackers over fully
> trusting something that anyone could MITM.

I think this is wrong in the context of Tails.

There are a few pieces of software called htpdate, and the one Tails
uses only connects to HTTPS servers, and delegates to wget the X.509
certificates validation:
https://tails.boum.org/contribute/design/Time_syncing/#index3h2

In addition, the pal/foe/neutral pool system Tails uses gives *some*
protection against untrustworthy sources of time information, which
limits what one can do with only a few illegitimate X.509 certificates
they got from a "trusted" CA:
https://tails.boum.org/contribute/design/Time_syncing/#index4h2

Thanks a lot for your detailed answer!
I'll think about the rest later.

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] secure and simple network time (hack)
  - From: adrelanos

References:
- Re: [tor-talk] secure and simple network time (hack)
  - From: intrigeri
- Re: [tor-talk] secure and simple network time (hack)
  - From: Jacob Appelbaum

Prev by Author: Re: [tor-talk] secure and simple network time (hack)
Next by Author: Re: [tor-talk] TBB lags behind as Firefox ESR 10.0.6 is released
Previous by thread: Re: [tor-talk] secure and simple network time (hack)
Next by thread: Re: [tor-talk] secure and simple network time (hack)
Index(es):
- Author
- Thread