[tor-bugs] #16659 [- Select a component]: TCP Initial Sequence Numbers Leak Host Clock
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jul 24 19:57:47 UTC 2015
#16659: TCP Initial Sequence Numbers Leak Host Clock
--------------------------------------+-----------------
Reporter: source | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------------------+-----------------
Comment (by nickm_mobile):
Hmm. So, this issue wouldn't work the same way as the ssl clienthello
issue would work. WIth clienthello, the timestamp was sent both locally in
non-anonymized tls and remotely in anonymized tls. Here, the timestamp is
sent locally, but not remotely, since tor doesn't relay tls headers.
Now, there could still be an issue : if tcp (or some other protocol) leaks
the client's view of the current time to the local network, and some other
protocol leaks the client's view of the time remotely.
Generally, the answer we've mostly gone with in cases like that is to
attend mostly to the anonhmized protocol. There's generally more work to
do there anyway. But if there's an easy fix to better hide more time info
in tcp, I'd be in favor.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list