[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)

> Hi,
> adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
>> To make our life even worse... Sorry... But not using NTP and only
>> emmiting Tor traffic is also pretty clearly Tails. Because that puts
>> you in the group of users "Uses Tor, nothing else, but does not use
>> NTP? How many people act like this?". So you should at least emmit
>> a fake NTP query (when others that usuaally do) and drop it.
> This is indeed true for a non-shared public IP, and is mitigated to
> some degree when sharing an IP (e.g. behind home router NAT,
> concurrently with others non-Tails systems).


> Looks like we'll need to think a bit more what kind of fingerprinting
> resistance a system like Tails can reasonably pretend to at this scale.

Don't give up too early. Man ntpdate says there is "-q     Query only -
don't set the clock.". That's perfect for a fake NTP query.

I just haven't found out how to tell ntpd to do the same. That is
required for a good fake.
tor-talk mailing list