jvoisin wrote (22 Dec 2013 19:46:18 GMT) : > I agree with Jacob: I don't think Tails needs this features. > TCP timestamps are defined in [RFC > 1323](http://www.ietf.org/rfc/rfc1323.txt), entitled "TCP Extensions for > High Performance". > Timestamps are used for:
> - "Protection Against Wrapped Sequence Numbers", but in our case, I > don't think that a "normal" Tails user could ever trigger a wrap, > because as said in [RFC 1700](http://www.ietf.org/rfc/rfc1700.txt): > "The current recommended default time to live (TTL) for the Internet > Protocol (IP) [45,105] is 64.". A user would need to send roughly 2^32 > packets in one minute. > - "Round-Trip Time Measurement", only useful when the user manage to > saturate the his connection. I don't think that the limiting factor for > transmission speed is the capacity of the user connection when using Tails. > I think timestamps can be safely disabled :) Thanks a lot for doing this research! Care to file a ticket, drop a tcp_timestamps.conf into config/chroot_local-includes/etc/sysctl.d/, and test the resulting ISO? I'll come back to you and Jacob for the design doc phrasing, as I'm still not convinced we can put statements as bold as "tracking the clock down to the millisecond" in there, without thinking a bit about how an attacker is affected by the network lag between the time a TCP timestamp was created, and the time when they get to see the packet. I mean, I'm weak at stats and all and you probably know better, but learning that "some unknown time ago, the system clock was T with a millisecond precision" does not really give me the current system clock with a millisecond precision, does it? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
