[tor-bugs] #16659 [- Select a component]: Linux TCP Initial Sequence Numbers may aid correlation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 27 11:27:54 UTC 2015
#16659: Linux TCP Initial Sequence Numbers may aid correlation
--------------------------------------+--------------------
Reporter: source | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: - Select a component | Version:
Resolution: not a bug | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------------------+--------------------
Comment (by proper):
NTP, as per [https://www.ietf.org/rfc/rfc5905.txt NTP RFC] does leak the
local clock.
Origin Timestamp (org): Time at the client when the request departed
for the server, in NTP timestamp format.
Destination Timestamp (dst): Time at the client when the reply
arrived from the server, in NTP timestamp format.
So using it doesn't make things better, but worse. (Also NTP is in default
configuration unencrypted/unauthenticated, therefore accessible to
observation and modification by any ISP level adversary.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list