Linux 5.6 Includes Multipath TCP

I’m looking to identify the CONFIG buttons for this and disabling them when 5.6+ comes around. I think we already disable a similar feature? If so I’ll create a phab ticket to remind me. @madaidan


1 Like

The config option is CONFIG_MPTCP although what’s the point of disabling this?

1 Like

The idea is the more complexity, the more security bugs and I was proven right when I found the research to back it:


I wonder how it can harm anonymity? It makes it easier to infer throughput of a stream

This is unrelated to the reverse path filtering stuff you already discussed.

1 Like

Alright, that makes a lot of sense.

We can also disable it via the net.mptcp.mptcp_enabled sysctl in security-misc.


It looks more like it helps anonymity. From the third link:

“Technology like MPTCP makes it much harder for surveillance states,” Pearce said. “If I split traffic across my cell provider and an ISP I may not trust, in order for a surveillance state to snoop they have to collaborate with all these parties. It’s a much harder proposition.”

Tor basically does this already though due to the 3 nodes in a circuit. Dunno if MPTCP would help. That’d be a question for Tor devs.

1 Like

This is an open question from one of TPO’s web fingerprinting blog posts. It is not known if that’s the case yet.

1 Like
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]