Re: [tor-bugs] #16659 [- Select a component]: Linux TCP Initial Sequence Numbers may aid correlation
#16659: Linux TCP Initial Sequence Numbers may aid correlation
--------------------------------------+----------------------
Reporter: source | Owner:
Type: defect | Status: reopened
Priority: normal | Milestone:
Component: - Select a component | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------------------+----------------------
Comment (by yawning):
Replying to [comment:14 nickm]:
> I'm going to reopen this. I still say that the best point at which to
> try to resist stuff of this kind is at the application level, but
> resisting it better locally too can't be a bad idea.
Well, there is one thing that we can do, though it'll be a lot of code
(that I won't write). Since part of the hash input is the TCP source
port, we can use our cryptographic random number generator and explicitly
randomize the source port on Linux (probably optionally). This should
mostly mitigate the "attack" in question.
I still think this is extremely hard to exploit (bordering on "there are
better things you can do if you are in a position to do so") and a kernel
issue rather than a Tor issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
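
The mitigation described in the comment above, sketched as an added example (not code from the ticket or from Tor): pick the TCP source port from the kernel CSPRNG and bind() to it before connect(), so the port that feeds the ISN hash is not the kernel's own choice. The function names, the retry count, and the port range (the Linux default net.ipv4.ip_local_port_range) are assumptions made for this sketch.

```c
#include <errno.h>
#include <stdint.h>
#include <netinet/in.h>
#include <sys/random.h>
#include <sys/socket.h>

/* Assumed range: the Linux default net.ipv4.ip_local_port_range. */
#define PORT_MIN 32768u
#define PORT_MAX 60999u

/* Uniform port in [PORT_MIN, PORT_MAX] from the kernel CSPRNG; 0 on failure. */
uint16_t random_port(void)
{
    const uint32_t span = PORT_MAX - PORT_MIN + 1;
    const uint32_t limit = 65536u - (65536u % span); /* rejection bound, no modulo bias */
    uint16_t r;
    for (;;) {
        ssize_t n = getrandom(&r, sizeof r, 0);
        if (n < 0 && errno == EINTR)
            continue;
        if (n != (ssize_t)sizeof r)
            return 0;
        if (r < limit)
            return (uint16_t)(PORT_MIN + r % span);
    }
}

/* Bind fd to a random local port before connect(). Returns the port or -1. */
int bind_random_source_port(int fd)
{
    for (int tries = 0; tries < 16; tries++) {
        uint16_t port = random_port();
        if (port == 0)
            return -1;
        /* sin_addr stays zeroed (INADDR_ANY): the kernel picks the address at connect(). */
        struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(port) };
        if (bind(fd, (struct sockaddr *)&sa, sizeof sa) == 0)
            return port;
        if (errno != EADDRINUSE) /* only retry when the port is already taken */
            return -1;
    }
    return -1;
}

int main(void)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    return (fd >= 0 && bind_random_source_port(fd) > 0) ? 0 : 1;
}
```

An explicit bind() reserves the port for the socket regardless of destination, so a process that opens many outbound connections this way can run out of local ports sooner than it would with the kernel's automatic selection.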