[tor-bugs] #16659 [- Select a component]: TCP Initial Sequence Numbers Leak Host Clock
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jul 26 18:12:46 UTC 2015
#16659: TCP Initial Sequence Numbers Leak Host Clock
--------------------------------------+-----------------
Reporter: source | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------------------+-----------------
Comment (by yawning):
So patch your kernel? I'm not seeing why this is a Tor issue, beyond "if
you switch to using a UDP based transport, this will be a non-issue".
Your Guard, or anyone that sits between you and your Guard knows who you
are. Leaking the delta of a timer that is on a 274s period with 64 ns
resolution doesn't seem like a big deal. Real time in ns is shifted,
truncated, then added to a salted hash to derive the ISN, so it's not like
it's possible to work backwards to the real time (or for that matter the
original timer value) in any way, the best you can do is obtain load
information via clock skew.
I'm tempted to NAB this unless someone tells me otherwise.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list