How come when I duckduckgo “what time is it”, that sometimes my actual time shows up instead of a random time? With boot clock randomization and sdwdate saying successful, shouldn’t it always be a random time?
Sometimes when I start a whonix-ws vm it will be a random time, but other instances it will be my actual timezone.
Does this happen to anyone else?
How come when I duckduckgo “what time is it”, that sometimes my actual time shows up instead of a random time?
the last hop is probably on the same timezone as you, see circuit path on Tor Browser.
Checking the time is not a reliable option because many people can be on the same timezone, but few people can be on the same ip. Check your IP on https://check.torproject.org/api/ip
With boot clock randomization and sdwdate saying successful, shouldn’t it always be a random time?
Boot clock randomization is only for the boot, to change between and and 180 seconds Boot Clock Randomization - Kicksecure . It is run during boot, before sdwdate starts.
With boot clock randomization and sdwdate saying successful, shouldn’t it always be a random time?
No. Read sdwdate: Secure Distributed Web Date
In sdwdate clock randomization was enabled by default for many versions. From sdwdate version 11.8 and above it needs to be opt-in, which is only done inside Kicksecure ™ through package anon-apps-config
/etc/sdwdate.d/40_anon-apps-config.conf RANDOMIZE_TIME=true. sdwdate version 11.8 does not enable clock randomization by default for non-Kicksecure ™ users.
Sdwdate is used to set the system clock, the randomization is used to ask the pools available via onion services and the median time of the results is used, as far as I understood from the docs.
At random intervals, sdwdate connects to a variety of webservers and extracts the time stamps from http headers (see: RFC 2616).
Thanks. That quote is invalid. That actually broke with the Kicksecure migration. Will fix it in the wiki now.
That package / file is installed in Whonix.
## See /etc/sdwdate.d/30_default.conf for description.
RANDOMIZE_TIME=true
https://github.com/Whonix/sdwdate/blob/master/etc/sdwdate.d/30_default.conf
## Add or subtract a random amount of nanoseconds (up to 1 second) when setting
## the time.
## Whonix enables this by default in package anon-apps-config.
#RANDOMIZE_TIME=true
I’m using qubes-whonix, but that conf file doesn’t exist for me. Is it still opt-in or is it enabled by default?
I guess I’m a little confused on why if sdwdate makes the time from the median of three onion services, that when I google what time it is, how could it be my real time?
Is it not reading my system clock and instead just checking timezone from the ip address?
Because the actual time displayed on my computer doesn’t change after sdwdate runs. Am I supposed to set clockVM to sys-whonix instead of sys-net?
be more verbose and concise.
I’m using qubes-whonix, but that conf file doesn’t exist for me. Is it still opt-in or is it enabled by default?
/etc/sdwdate.d/30_default.conf (the updated one) or /etc/sdwdate.d/40_anon-apps-config.conf (deprecated), see the tree https://github.com/Whonix/sdwdate/tree/master/etc/sdwdate.d
I guess I’m a little confused on why if sdwdate makes the time from the median of three onion services, that when I google what time it is, how could it be my real time?
This was already addressed on my response Boot Clock Randomization and sdwdate - #2 by nyxnor
Is it not reading my system clock and instead just checking timezone from the ip address?
No, but if you want to be sure, read your browser’s source code.
Because the actual time displayed on my computer doesn’t change after sdwdate runs. Am I supposed to set clockVM to sys-whonix instead of sys-net?
It randomizes the clock to make the request, but it is just a distributed time system using onion services to set your clock correctly.
Not deprecated.
How did you check it’s there or not?
It’s unrelated to RANDOMIZE_TIME=true.
Please refer to these pages:
Also compare with Tor Browser outside of Whonix for Generic Bug Reproduction / Free Support Principle.
No, that’s not what the feature says the feature is doing.
No.
sdwdate run in Whonix VM affects Whonix VM time. It doesn’t affect host / dom0 time.
Thanks for all this info, I was checking the conf file in dom0.
in /etc/sdwdate.d/30_default.conf in a whonix-ws vm, RANDOMIZE_TIME=true is commented out.
But in etc/sdwdate.d/40_anon-apps-config.conf it is active.
Is that an issue?
My expected result when searching “what time is it” in a whonix-ws vm is that the random time sdwdate sets is what would show up (the median of 3 random onions), instead it is occasionally my actual time.
Also, when I run date in my whonix-ws vm terminal, it is a different time than when I search “what time is it” in my browser.
Is this because searching in the browser just gives the time zone of the last hop? Whereas date gives me the time sdwdate has set in my system clock?