Re: [Tails-dev] Risks of enabled/disabled TCP timestamps?

Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Risks of enabled/disabled TCP timestamps?
jvoisin wrote (22 Dec 2013 19:46:18 GMT) :
> I agree with Jacob: I don't think Tails needs this feature.
> TCP timestamps are defined in [RFC
> 1323](http://www.ietf.org/rfc/rfc1323.txt), entitled "TCP Extensions for
> High Performance".
> Timestamps are used for:


> - "Protection Against Wrapped Sequence Numbers", but in our case, I
> don't think that a "normal" Tails user could ever trigger a wrap,
> because as said in [RFC 1700](http://www.ietf.org/rfc/rfc1700.txt):
> "The current recommended default time to live (TTL) for the Internet
> Protocol (IP) [45,105] is 64.". A user would need to send roughly 2^32
> packets in one minute.


> - "Round-Trip Time Measurement", only useful when the user manages to
> saturate his connection. I don't think that the limiting factor for
> transmission speed is the capacity of the user connection when using Tails.


> I think timestamps can be safely disabled :)


Thanks a lot for doing this research!

Care to file a ticket, drop a tcp_timestamps.conf into
config/chroot_local-includes/etc/sysctl.d/, and test the
resulting ISO?

I'll come back to you and Jacob for the design doc phrasing, as I'm
still not convinced we can put statements as bold as "tracking the
clock down to the millisecond" in there, without thinking a bit about
how an attacker is affected by the network lag between the time a TCP
timestamp was created, and the time when they get to see the packet.

I mean, I'm weak at stats and all and you probably know better, but
learning that "some unknown time ago, the system clock was T with
a millisecond precision" does not really give me the current system
clock with a millisecond precision, does it?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
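
As an added example (not part of the original message and not Tails' own code): a check for the sysctl.d drop-in requested above, assuming tcp_timestamps.conf sets `net.ipv4.tcp_timestamps = 0`. It is simplified to a single directory read in lexical order with the last assignment winning; the function names and the `zz-perf.conf` sample file are constructed for illustration.

```python
import os
import tempfile

KEY = "net.ipv4.tcp_timestamps"

def effective_sysctl(conf_dir, key=KEY):
    """Return (value, filename) of the last assignment to `key` in conf_dir,
    reading *.conf files in lexical order; (None, None) if it is never set."""
    found = (None, None)
    for name in sorted(os.listdir(conf_dir)):
        if not name.endswith(".conf"):
            continue
        with open(os.path.join(conf_dir, name)) as fh:
            for line in fh:
                line = line.strip()
                # Skip blanks, "#" and ";" comments, and lines without an assignment.
                if not line or line[0] in "#;" or "=" not in line:
                    continue
                k, v = (part.strip() for part in line.split("=", 1))
                # A leading "-" means "ignore write errors"; keys may use "/" or ".".
                k = k.lstrip("-").strip().replace("/", ".")
                if k == key:
                    found = (v, name)
    return found

def check(conf_dir, proc_path="/proc/sys/net/ipv4/tcp_timestamps"):
    """Report the configured value and, when readable, the running kernel's value."""
    value, source = effective_sysctl(conf_dir)
    running = None
    if os.path.exists(proc_path):
        with open(proc_path) as fh:
            running = fh.read().strip()
    return {"configured": value, "source": source, "running": running,
            "disabled_in_config": value == "0"}

def demo():
    """Constructed sample tree: a later file re-enables what tcp_timestamps.conf disabled."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "tcp_timestamps.conf"), "w") as fh:
            fh.write("# Disable RFC 1323 TCP timestamps\nnet.ipv4.tcp_timestamps = 0\n")
        first = effective_sysctl(d)
        with open(os.path.join(d, "zz-perf.conf"), "w") as fh:
            fh.write("; tuning\n-net/ipv4/tcp_timestamps=1\n")
        second = effective_sysctl(d)
    return first, second

if __name__ == "__main__":
    print(demo())
    print(check("/etc/sysctl.d") if os.path.isdir("/etc/sysctl.d") else "no /etc/sysctl.d")
```

Run inside the booted image, `check("/etc/sysctl.d")` shows whether the configured value and the kernel's running value agree, which catches a later drop-in silently overriding the setting.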