[tbb-bugs] #12999 [Tor Browser]: Use one clock skew per URL bar domain
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 29 04:52:23 UTC 2015
#12999: Use one clock skew per URL bar domain
--------------------------------+------------------------------------------
Reporter: | Owner: tbb-team
arthuredelstein | Status: new
Type: enhancement | Milestone:
Priority: normal | Version:
Component: Tor Browser | Keywords: tbb-fingerprinting-time-skew
Resolution: | Parent ID:
Actual Points: |
Points: |
--------------------------------+------------------------------------------
Comment (by arthuredelstein):
Replying to [comment:4 mikeperry]:
> One thing that Arthur and I discussed today was adding some kind of
RELAY cell command to obtain the current time from the exit. In
retrospect, this also seems bad, because the exit could use this to lie to
you about the current time to get you to accept an expired or invalid SSL
cert, or to generally cause havock on your notion of time for a webapp.
Good point. I guess there needs to be a way to detect lying, perhaps by
comparing to a time consensus. Though I'm not sure SSL cert validation
needs to be using the exit node clock in any case.
> Another option is to periodically run tlsdate-style time lookups using a
helper app independent from Tor, and use that for time. I think this may
actually be the sanest approach.
I agree this would be a simpler approach. My concern with it is that the
global system time on the client might have a skew that could be used to
link identities across different circuits. The worst case would be a
hostile time server. I also worry that an exit node imposing an arbitrary
latency to timing messages from the time server could result in a
detectable clock skew in the client.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12999#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list