Re: [Tails-dev] [tor-talk] secure and simple network time …

Üzenet törlése

Válasz az üzenetre
Szerző: Elly Fong-Jones
Dátum:  
Címzett: tor-talk
CC: The Tails public development discussion list
Tárgy: Re: [Tails-dev] [tor-talk] secure and simple network time (hack)
On Tue, Apr 16, 2013 at 01:03:27PM +0200, intrigeri wrote:
> Hi Jacob and Elly,
>
> Thanks for your answers! See more questions bellow.
>
> Jacob Appelbaum wrote (11 Apr 2013 06:56:18 GMT) :
> > Basically - tlsdate in Tails would be a minor set of users compared to
> > the much larger user base of ChromeOS.
>
> Sure.
>
> I doubt we can blend in this "anonymity" set, though: unless Tails
> wants to forever copy the set of hosts ChromeOS queries (which I don't
> think we would want to rely upon on the long run), then Tails' use of
> tlsdate will probably be fingerprintable at least by the ISP if the
> connections are made in the clear, so we probably would want to run
> tlsdate over Tor anyway.


Even if not, there are other easyish ways to distinguish a Chrome OS device,
such as the autoupdate behavior.

> So, I'm now considering this (tlsdate over Tor) to replace our use of
> htpdate, and not to replace our initial time guess based on the Tor
> consensus [1].
>
> [1] https://tails.boum.org/contribute/design/Time_syncing/#index3h1
>
> > I'd like to settle on a list of hosts that it uses by default which may
> > include a Google host or not. I haven't yet decided.
>
> OK.
>
> Jacob, are you interested in implementing something like our current
> multiple pool -based approach [2], or something else with similar
> security properties? If Tails wants to move to tlsdate some day,
> I guess a prerequisite would be not to lose the nice security
> properties this approach currently gives us.
>
> [2] https://tails.boum.org/contribute/design/Time_syncing/#index4h2
>
> Elly Fong-Jones wrote (08 Apr 2013 03:06:02 GMT) :
> > The (slightly outdated now) time-sources design doc is here:
> > <https://docs.google.com/a/chromium.org/document/d/1ylaCHabUIHoKRJQWhBxqQ5Vck270fX7XCWBdiJofHbU/edit>
>
> Elly, is this design doc correct that tlsdate queries
> clients3.google.com only in ChromeOS?


Correct.

> (Given you implemented the multi-host feature, I'd be surprised that
> you don't use it, but I could not find what /etc/tlsdate/tlsdated.conf
> ChromeOS is using, so I don't know.)


We are supposed to be using it, but are not yet. Open bug :)

> Cheers,
> --
> intrigeri
> | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
> | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- elly