Re: [Tails-dev] [tor-talk] secure and simple network time (h…

Delete this message

Reply to this message
Autore: adrelanos
Data:  
To: tor-talk
CC: tails-dev
Oggetto: Re: [Tails-dev] [tor-talk] secure and simple network time (hack)
intrigeri:
> Hi,
>
> adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
>> To make our life even worse... Sorry... But not using NTP and only
>> emmiting Tor traffic is also pretty clearly Tails. Because that puts
>> you in the group of users "Uses Tor, nothing else, but does not use
>> NTP? How many people act like this?". So you should at least emmit
>> a fake NTP query (when others that usuaally do) and drop it.
>
> This is indeed true for a non-shared public IP, and is mitigated to
> some degree when sharing an IP (e.g. behind home router NAT,
> concurrently with others non-Tails systems).


Yes.

> Looks like we'll need to think a bit more what kind of fingerprinting
> resistance a system like Tails can reasonably pretend to at this scale.


Don't give up too early. Man ntpdate says there is "-q     Query only -
don't set the clock.". That's perfect for a fake NTP query.


I just haven't found out how to tell ntpd to do the same. That is
required for a good fake.