Wired article on Tor
John Kimble
det.j.kimble at gmail.com
Sat Dec 30 13:49:01 UTC 2006
If I were to set up a machine with any information worth hiding behind
Tor, I wouldn't have made it accessible other than through Tor's
hidden service.
Even if such a machine is accessible from the Internet, the risk is
still manageable because timestamps could have come from only a
limited number of places (please supplement if I miss any): (1)
Applications that are deliberately giving up the timestamp, e.g. a web
application, or even NTP server - just don't expose these to the
Internet directly, if your machine contains anything worth hiding
behind Tor; (2) HTTP reply headers - these can be filtered out or
altered; (3) TCP timestamp - these can be disabled either by firewall
rules or in the kernel (in Linux, by setting net/ipv4/tcp_timestamps=0
in sysctl).
...Unless the very fact that your machine is unusually sanitary is
already incriminating, of course.
- John
On 12/30/06, Dan Collins <en.wp.st47 at gmail.com> wrote:
> Anil Gulecha wrote:
> > I wanted to know what the developers think :
> >
> > http://www.wired.com/news/technology/0,72375-0.html?tw=rss.technology
> >
> >
> > Regards
> >
> A very interesting and unique idea, though I can't believe that the
> change due to a little heat would be detectable?
>
> --
> GnuPG key ID is 0x84189146 on subkeys.pgp.net
>
>
>
>
More information about the tor-talk
mailing list