[tor-talk] secure and simple network time (hack)
adrelanos
adrelanos at riseup.net
Sat Jul 21 04:16:29 UTC 2012
intrigeri:
> Hi,
>
> adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
>> To make our life even worse... Sorry... But not using NTP and only
>> emmiting Tor traffic is also pretty clearly Tails. Because that puts
>> you in the group of users "Uses Tor, nothing else, but does not use
>> NTP? How many people act like this?". So you should at least emmit
>> a fake NTP query (when others that usuaally do) and drop it.
>
> This is indeed true for a non-shared public IP, and is mitigated to
> some degree when sharing an IP (e.g. behind home router NAT,
> concurrently with others non-Tails systems).
Yes.
> Looks like we'll need to think a bit more what kind of fingerprinting
> resistance a system like Tails can reasonably pretend to at this scale.
Don't give up too early. Man ntpdate says there is "-q Query only -
don't set the clock.". That's perfect for a fake NTP query.
I just haven't found out how to tell ntpd to do the same. That is
required for a good fake.
More information about the tor-talk
mailing list