Re: [Tails-dev] Endless Data Attack and Defense

This message is part of the following thread:
Mthe complete thread tree sorted by date
Mintrigeri at <-
Mintrigeri at ->
Delete this message

Reply to this message
Author: adrelanos
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Endless Data Attack and Defense
intrigeri:
> Hi,
>
> adrelanos wrote (06 May 2013 09:10:36 GMT) :
>> This means, it will wait a hardcoded 180 seconds in any case, even if
>> Tor is totally unable to connect (network down or censored). The
>> connection won't fail and curl won't exit before 180 seconds are over.
>
> I don't think we run htpdate in Tails before Tor is working. Do we?

No, but that's beside the point.

Just imagine Tor won't connect because there is no network or because
Tor is censored.

It's just that tails_htp (curl) would wait 180 seconds for every try.
And it can be quite a lot tries before tails_htp finally gives up.
Before that, there is no feedback whats happening.

The point of --max-time 180 is to defeat an endless data attack (or
bug), not to wait 180 seconds for a connection just because a single
server is unreachable. Hence, I thought additionally adding
--connect-timeout is necessary.

Cheers,
adrelanos

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-[Tails-dev] Please review'n'merge bugfix/post-wheezy_pinningRe: [Tails-dev] Endless Data Attack and Defense->
lists.autistici.org administrated by postmasterLurker (version 2.3)