Silk Road forums
Discussion => Security => Topic started by: weedhead on April 02, 2012, 03:58 am
-
About 3 or 4 days ago, I noticed my system time was acting funny. I had noticed how tails adjusted the time to UTC since it had no way to tell what timezone I am in, and that's cool. One day however, after tails would set the system time, it would not remain across boots. Furthermore, I noticed that after initially connecting to the internet, tails would ALWAYS set my time to 1:30AM for a small amount of time, and then to the correct UTC time.
I'm concerned that LEO may be trying some timing attacks as described below:
"TLS attacks
Various deviations of system time can be detected in TLS traffic (e.g. HTTPS traffic). Attacker can modify system time of the target computer (or group of them) via NTP and easily trace TLS connections from anonymous network. "
from : http://www.forensicswiki.org/wiki/The_Onion_Router
Seems like an NTP Man in the Middle attack would be able to accomplish this..?
-
I noticed the same thing on my computer as well but I had/have no idea this was a security concern. Im a pretty paranoid person and this place is the shit, but scary at the same time.
Any more info on this would be appreciated by me as well.
-
or the more logical explanation... tails is a piece of shit.
-
I don't use tails either... if it will save settings, turn off automatic time updates.
-
This is normal behavior for amnesia. https://tails.boum.org/contribute/design/Time_syncing/ Authority consensus can't be validated if there's too much clock skew so Tor will shit a brick.
-
Guys please, it's "Tor", not "TOR", you can even check on the official Tor website or Wikipedia.
-
or the more logical explanation... tails is a piece of shit.
haha made me laugh :)
-
Guys please, it's "Tor", not "TOR", you can even check on the official Tor website or Wikipedia.
It's an abbreviation for the name of something, so it's understandable why people like to capitalize it. Sure, it's technically "Tor," but it's also technically "Lego bricks" and not "Legos," yet tons of people use the latter. It's not a big deal.
-
Tails has problems with time setting if riseup servers or the tails servers are down, no big deal
More likley a timing attack would be somebody in control of this site, or your email noting the time when you logged in, then getting your ISP records showing you connecting to Tor at that same time, over a period of six months. If you had a shitty lawyer that didn't know anything about Tor could be a problem.
Use a bridge, press tab and boot tails in bridge mode or if extremely paranoid use Obfsproxy though it's mainly reserved for democracy activists. Can also use a Tor socks proxy there's plenty you can buy for bitcoins
-
or the more logical explanation... tails is a piece of shit.
haha made me laugh :)
It's funny because its true
-
Timing attacks don't rely on your system time. All they have to do is watch the server they suspect you of connecting to while simultaneously monitoring your internet connection. If they see an incoming connection to the server at around the same time your internet connection shows corresponding activity on the Tor network, they now have one more reason to raid your ass.
The best defense is driving around a big city in a car while hoping onto random hotspots using a different local MAC address each time. Combine this with (relatively) private Tor bridges and you should be good.