[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] I've yet to understand <clock skew> attacks on hidden services

On 2011-08-20, hikki@xxxxxxxxxxxxx <hikki@xxxxxxxxxxxxx> wrote:
> I've read a lot about it, but I'm hoping for a simplified explanation for a
> simplified guy. ;)
> If my hidden service server has a clock that is 5 minutes wrong, how can
> anyone use that to locate me?

They can only use that to locate your server if they can either
connect to it directly (not through Tor) or accept a non-Torified
connection from it, and determine what your server thinks is the
current time based on information it receives on that connection.

The obvious ways that your server could leak its current time include
running a web server and sending e-mail messages.  The less obvious
ways include opening an outbound TLS connection and running a cron job
with externally observable effects (e.g. an automatic update

Robert Ransom
tor-talk mailing list