[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Practical deanonymization using CPU load covert channels

Hi. Whonix collaborator here. We've given a lot of thought to many types of clock based attacks including the one you are researching so we are interested to know more about how this applies to our platform.

To run Whonix in KVM please see the relevant steps here [0]. Let me know if you have any further questions on setting it up.

Re-adjusting some of the terms you use to apply to VMs:

* Limiting CPU resources for Tor as opposed to the browser component is what counts? (both are separate in the Whonix model)

* The cgroup equivalent for a hypervisor is to limit the number of CPUs the Tor VM has access to? (currently one core - on a quad-core system that's the 25% limit you recommend)

* Setting the Tor process to use nice 19 should take care of the ping timings you mention?

* Taking into account that some users connect to the clearnet using system running Whonix, do these mitigations still hold up?


[0] https://www.whonix.org/wiki/KVM#First_time_user.3F
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to