Re: [Tails-dev] Risks of enabled/disabled TCP timestamps?

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] Risks of enabled/disabled TCP timestamps?
intrigeri wrote (23 Dec 2013 09:15:53 GMT) :
> Care to file a ticket, drop a tcp_timestamps.conf into
> config/chroot_local-includes/etc/sysctl.d/, and test the
> resulting ISO?


Anyone?

> I'll come back to you and Jacob for the design doc phrasing, as I'm
> still not convinced we can put statements as bold as "tracking the
> clock down to the millisecond" in there, without thinking a bit about
> how an attacker is affected by the network lag between the time a TCP
> timestamp was created, and the time when they get to see the packet.


> I mean, I'm weak at stats and all and you probably know better, but
> learning that "some unknown time ago, the system clock was T with
> a millisecond precision" does not really give me the current system
> clock with a millisecond precision, does it?


This still needs some input.

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc