Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 325
    • Issues 325
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 30
    • Merge requests 30
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #17188
Closed
Open
Issue created Sep 30, 2015 by Trac@tracbot

Tor should warn users when traveling backwards through time

An attacker can do evil things by rewinding a user's clock, without having to own their machine (e.g., NTP attacks).

Tor maintains a monotonic clock to prevent rewinding attacks while Tor is running. Tor also keeps some persistent information about the user's time in the state file, in the LastWritten field.

On launch, if Tor sees that the system time has been rewound to before the LastWritten time, it should warn the user that something strange is happening. However, Tor should not update the monotonic clock or fail to launch, since the user may have changed the time deliberately.

Trac:
Username: hdevalence

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking