[tor-bugs] #16659 [- Select a component]: Linux TCP Initial Sequence Numbers may aid correlation

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 27 11:27:54 UTC 2015


#16659: Linux TCP Initial Sequence Numbers may aid correlation
--------------------------------------+--------------------
     Reporter:  source                |      Owner:
         Type:  defect                |     Status:  closed
     Priority:  normal                |  Milestone:
    Component:  - Select a component  |    Version:
   Resolution:  not a bug             |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+--------------------

Comment (by proper):

 NTP, as per [https://www.ietf.org/rfc/rfc5905.txt NTP RFC] does leak the
 local clock.

    Origin Timestamp (org): Time at the client when the request departed
    for the server, in NTP timestamp format.

    Destination Timestamp (dst): Time at the client when the reply
    arrived from the server, in NTP timestamp format.

 So using it doesn't make things better, but worse. (Also NTP is in default
 configuration unencrypted/unauthenticated, therefore accessible to
 observation and modification by any ISP level adversary.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list