GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened Feb 06, 2013 by proper@proper

get independent from host clock time / insecure NTP

NTP server admins (willingly, or if their server gets compromised) and any man-in-the-middle can tamper with NTP replies and thereby introduce a unique clock skew.

Almost no one is using authenticated NTP, because there are no instructions in a forum or blog on how to enable NTP authentication. Therefore almost everyone uses the standard configuration and is at risk.

Also, due to a clock defect or low battery, the clock can skew without any tampering with NTP.

Since the browser ^1^ and other applications transmit time stamps, this can be used to track individual users. For example, a clock skew of +/-30 minutes may not worry the user ("That damn clock is wrong again. I use my watch instead.") but could identify the user even when using Tor.

Also, adversaries who didn't introduce the clock skew could use it to identify users. If the user visits a website under adversary control ^2^ without Tor for some non-anonymous activity, it knows the clock skew. Later, if the user visits another website under adversary control, it can see the same clock skew, which is at least a strong anonymity set reduction.

^1^ Also #1517 (moved) "Provide JS with reduced time precision" wouldn't help much, since it wouldn't do anything about bigger clock skews.

^2^ Nowadays with services like Google Analytics and the Facebook Like button, there are servers which are present on a high percentage of all websites.
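The linkage risk described in the report, worked through as an added example that is not part of the original issue: it computes the skew a server sees from a client-supplied timestamp and its own `Date` header, then counts how many clocks in a population share that skew. The timestamps, the 5-second tolerance, the 1000-host population and all function names are constructed assumptions for illustration.

```python
# Added illustration; all timestamps and the population below are constructed.
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

TOLERANCE_S = 5  # assumed allowance for network latency and jitter


def skew_seconds(client_iso: str, server_date_header: str) -> float:
    """Client clock minus server clock, in seconds, for one request."""
    client = datetime.fromisoformat(client_iso).astimezone(timezone.utc)
    server = parsedate_to_datetime(server_date_header)
    return (client - server).total_seconds()


def same_clock(skew_a: float, skew_b: float, tol: float = TOLERANCE_S) -> bool:
    """Two observations look like the same clock if their skews agree within tol."""
    return abs(skew_a - skew_b) <= tol


def anonymity_set(skew: float, population: list, tol: float = TOLERANCE_S) -> int:
    """Number of clocks in the population that are indistinguishable from skew."""
    return sum(1 for other in population if same_clock(skew, other, tol))


# Constructed population of 1000 hosts: 995 are within 2 s of true time,
# 5 have a large skew (one of them is the user with roughly +30 minutes).
POPULATION = [float(i % 5 - 2) for i in range(995)] + [
    -1790.0, 1804.0, 912.0, -3600.0, 61.0,
]

# Session 1: non-anonymous visit without Tor. Session 2: later visit over Tor.
# Each pair is (client-reported time, server Date header), both constructed.
SESSION_CLEARNET = skew_seconds("2013-02-06T12:30:03+00:00",
                                "Wed, 06 Feb 2013 12:00:00 GMT")
SESSION_TOR = skew_seconds("2013-02-09T08:45:05+00:00",
                           "Sat, 09 Feb 2013 08:15:00 GMT")

if __name__ == "__main__":
    print("clearnet skew:", SESSION_CLEARNET, "s; Tor skew:", SESSION_TOR, "s")
    print("sessions look like the same clock:", same_clock(SESSION_CLEARNET, SESSION_TOR))
    print("anonymity set with +30 min skew:", anonymity_set(SESSION_TOR, POPULATION))
    print("anonymity set with accurate clock:", anonymity_set(0.0, POPULATION))
```

In this constructed population the skewed clock is unique while an accurate clock is shared by 995 hosts, which is why keeping the offset small matters more than hiding sub-second precision.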

Reference: legacy/trac#8170