[Tails-dev] todo/network_fingerprint

Delete this message

Reply to this message
Autore: adrelanos
Data:  
To: The Tails public development discussion list
Nuovi argomenti: Re: [Tails-dev] todo/network_fingerprint
Oggetto: [Tails-dev] todo/network_fingerprint
Hi,

Commenting on network fingerprint, on pages
https://tails.boum.org/contribute/design/Time_syncing/ and
https://tails.boum.org/todo/network_fingerprint/ (the latter has no
[tags] by the way)...

In April the topic "secure and simple network time (hack)" has been
discussed. Parts of that discussion also was about network
fingerprinting issues.

An interesting quote in that context, Jacob Appelbaum:
> I don't think so - I also this this is non-trivial. Some pluggable
> transports may seek to obfuscate traffic or to morph it. However, they
> do not claim to hide that you are using Tor *in all cases* but rather in
> very specific cases. An example threat model includes a DPI device with
> limited time to make a classification choice - so the hiding is very
> specific to functionality and generally does not take into account
> endless data retention with retroactive policing.


Quoting https://tails.boum.org/contribute/design/Time_syncing/:
> Tails developers still need to think thoroughly of these questions: are such fingerprinting possibilities a serious problem? What kind of

efforts and compromise should be made to prevent these?

Since you are shipping pluggable transport obfs3, I conclude, that you
want to serve users in censored areas, even if Tails design document
does not state that explicitly.

In fact, Tor has a network fingerprint, which DPI boxes can detect and
block. In what follows, pluggable transports are assumed to work
reasonable well to beat (some of these) DPI boxes (for most of the time).

Hence, I think, you will like Tails's network fingerprint detection
resistance (from ISP perspective) , at least to the extend, that it
beats DPI boxes at least as good as pluggable transports do. You
probable won't write into that design decision "we don't care if it
becomes clear to ISP's, that someone is using Tails".

What is also open to decide for you, is whether you like to improve the
network fingerprint (from ISP perspective) when these problems start
having real world impacts (censors start censoring based on Tails
network fingerprint) or precautionary.

Apart from this, I also made the suggestions, if Tails wanted to have to
have a good portion of more clearnet traffic instead of having only Tor
traffic, Tails could run an untorified mainstream Linux distribution in
chroot or in a VM.

Cheers,
adrelanos