[tor-talk] Practical deanonymization using CPU load covert channels
bancfc at openmailbox.org
bancfc at openmailbox.org
Sat Jul 16 02:37:45 UTC 2016
Hi. Whonix collaborator here. We've given a lot of thought to many types
of clock based attacks including the one you are researching so we are
interested to know more about how this applies to our platform.
To run Whonix in KVM please see the relevant steps here [0]. Let me know
if you have any further questions on setting it up.
Re-adjusting some of the terms you use to apply to VMs:
* Limiting CPU resources for Tor as opposed to the browser component is
what counts? (both are separate in the Whonix model)
* The cgroup equivalent for a hypervisor is to limit the number of CPUs
the Tor VM has access to? (currently one core - on a quad-core system
that's the 25% limit you recommend)
* Setting the Tor process to use nice 19 should take care of the ping
timings you mention?
* Taking into account that some users connect to the clearnet using
system running Whonix, do these mitigations still hold up?
***
[0] https://www.whonix.org/wiki/KVM#First_time_user.3F
More information about the tor-talk
mailing list