[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Dev Time Sync on Host

General Tor and Anonymity Talk
#1

Hi,
I red the Dev/Time-Sync page .
It redirected me to the web page and I found out that it’s a mod of Tails Time Sync : sdwdate .
First of all, I would to install it on the host to run updates through TOR, but before testing, how can I install it :smiley: ?
Should it run as a daemon or not ?
I wouldn’t install from git repository for security reason, it’s my choice, I would make a manual installation .

I also have other questions :

  1. If I use only Whonix connection while I surf anonymouse, my time on the host is a problem ? Is it sent to the servers ?
  2. I know that time sync should run after TOR bootstraping, so I think I should run manually it, the time sync daemon starts immediately or wait TOR connection ?
    For host I use tor-arm with tor package manually, definitely how can I set up my system ? How can I run sdwdate then ?
  3. I don’t use ntp, may is there other time sync services ? How can i find and disable them ?

There are too questions but I need a help .
I would contribute with Whonix, how can I do this ? I’m not an expert, you understood it :smiley: .
But if I should test distribution versions, softwares, no problem :slight_smile: .

#2

It’s unsupported. (https://www.whonix.org/wiki/FAQ#What_do_you_mean_by_unsupported.3F)

It redirected me to the web page and I found out that it's a mod of Tails Time Sync : sdwdate .
I don't think you can call it a mod.
First of all, I would to install it on the host to run updates through TOR, but before testing, how can I install it :D ?
I don't see how sdwdate is related to updates through Tor. It's Tor, not TOR.
Should it run as a daemon or not ?
Generally supposed to be run as a daemon. Possibly other use cases for experts.
I wouldn't install from git repository for security reason, it's my choice, I would make a manual installation .
Depends on how manual. It's certainly possible with the right knowledge. Once you have genmkfile installed, you can install the package as simple as with "make deb-icup". If you don't want a Debian package, then there is only "make install" + emulate what the Debian package would do. Look at the maintainer scripts + systemd enabling (that would be automated by debhelper). I won't be writing documentation on manual installation, but I see no point in it.
1) If I use only Whonix connection while I surf anonymouse, my time on the host is a problem ? Is it sent to the servers ?
See, - https://www.whonix.org/wiki/Dev/TimeSync - https://www.whonix.org/wiki/Dev/TimeSync#Local_Clock_Leaks - https://www.whonix.org/wiki/Time_Attacks
2) I know that time sync should run after TOR bootstraping, so I think I should run manually it, the time sync daemon starts immediately or wait TOR connection ?
https://github.com/Whonix/sdwdate-plugin-anon-shared-con-check
3) I don't use ntp, may is there other time sync services ? How can i find and disable them ?
That's one of the problem why it's unsupported. There are too many of them on too many different host operating systems. On Debian, check that packages ntp, ntpdate are uninstalled and run "timedatectl set-ntp 0". Check with "timedatectl".
I would contribute with Whonix, how can I do this ? I'm not an expert, you understood it :D .
Pick something from https://www.whonix.org/wiki/Contribute.

[hr]

The planned long term fix will be to make it possible to use Qubes-Whonix-Gateway as ClockVM on Qubes.
https://phabricator.whonix.org/T387
Yes, Qubes specific, but a more general solution is like maintaining a second project next to Whonix.

#3

Sdwdate is related to Tor because if I have an incorrect clock I may download incorrect updates, old version or wrong version expecially .

I red to the manual I have to just copy the etc/ and usr/ folder files to the correspective of my Host OS, it was too easy and nice :smiley: .

I belive to have disabled all leaks on my Host, I personalized my sysctl.conf, I will open a discussion for that and you can verify . However, what you advised me here and on the guide of Whonix is done .
Other services don’t run, so no connection will enstablish unless my order .

With “timedatectl” seems that don’t exist active services of this type, I setted up my hardware-clock manually .

Thanks to the long answer, you are always here :slight_smile: .

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]