Re: [Tails-dev] [tor-talk] secure and simple network time …

Delete this message

Reply to this message
Autor: adrelanos
Data:  
CC: Elly Fong-Jones, tor-talk, The Tails public development discussion list
Assumpte: Re: [Tails-dev] [tor-talk] secure and simple network time (hack)
Jacob Appelbaum:
> adrelanos:
>>>
>>> We already fail this test, no?
>>
>> Not necessarily. This is a difficult question.
>>
>
> Tor does not hide that you are using Tor


Yes, but... While making this point up, I saw pluggable transports as a
tool which can be thrown into the mix and make this a non-issue.

(In theory obfsproxy and alike tools can hide the fact that someone is
using Tor, which will be required against trying-hard-censurers so or
so. This assumes, that pluggable transports will win the arms race
against censors.)

> and using Tails or Whonix is an
> example of a system only emitting Tor traffic.


The plan is...

Whonix:
When using VMs (as most people do), there is still a host operating
system people start first - so there is not only Tor traffic. Tor usage
can be hidden by using pluggable transports.

Tails:
When this becomes an issue, there are two workarounds:
- running Tails in a VM (naturally requires starting a non-Tails os
beforehand) using pluggable transports to hide Tor usage
- booting a second computer with a non-Tails operating system behind the
same router, wait a bit, run Tails using pluggable transports to hide
Tor usage

And one possible fix: boot the amnesic system, simulate "this is Debian"
(or other mainstream distro) by running it untorified in chroot or in a
VM; fire up Tor using pluggable transports to hide Tor usage.

The point I wanted to make is, I can very well imagine, not to fail this
test, i.e. pretending to be a mainstream distribution, having non-Tor
traffic and obfuscating Tor traffic using pluggable transports. Perhaps
it can be prevented, that tlsdate introduces new operating system
fingerprinting possibilities for ISPs.

> It depends on your threat
> model but generally, we'd just making up "someone could" as a network
> distinguisher.


Yes.

> I assert that someone could watch - see no traffic except
> encrypted traffic, decide it is Tor and then decide you're running Tails
> or Whonix.


I tried to picture solutions to that above.

<snipped the rest, where I can't answer>