That is a great list! I guess most of them will be fine.
That brings me to an important related question. How many onion time sources do we want to add at maximum? The more we add, the more we have to maintain and remove later if/when they go down or start time drifting too much.
There are not really that many new addresses in that list.
I think it is not a problem to have too many addresses, as it would be an easier decision to get rid of the ones that are not stable or can’t keep the time accurate.
For example, 344c6kbnjnljjzlz.onion#VFEmail was online today but went offline again. I think there’s no reason to re-add this in future; I could change “removed because down” to “removed because down or unstable”.
So I don’t think we should even contact the ones with inaccurate time, as we don’t need more time sources. However, we may re-add them if they keep the time correct by themselves.
Is it a bad idea to increase the chance of torproject or debian’s lists being chosen? This would mean we trust them a little more than the rest and will make use of their huge list of addresses. I don’t suggest separating the whole list, but perhaps keeping them at a preferable percentage by splitting the lists by, for example, 2 or 3 or 4 or 6 … (they have 48 total). This becomes more reasonable the more the rest of the list grows.
It’s an interesting idea.
Long term, sdwdate is not supposed to be only used inside Whonix. It
would be hard to argue about this.
Even if we trust these organizations more, we do not trust their servers
more. We’d need more information on who has sysadmin access to which
server and how servers are separated. Getting into a rabbit hole from
something simple to something complex.
securedrop, globaleaks and onionmail are all good lists. However, could you weed them out please?
The attack I am concerned about here is anonymously setting up loads of securedrop / globaleaks and/or onionmail services in the hope that we will blindly add all of them to sdwdate.
A good criterion for adding them is if the secure drop host is accountable. For example, we could use the USA Today secure drop, but not those where we know nothing about the host.
@bmtkn1 Adding to Patrick’s comment, please link to a page that shows the clearnet addresses of the securedrop instances so we know that there is a connection with a trusted organization rather than someone randomly spinning up VMs.
@anonymous1 Great work, but IMO we should keep the 20+ servers removed or move them to a list of their own to decrease their weighting in the time pool. When averaging with the output of other servers it should dilute the difference. 2 seconds is not much; however, we need every trusted onion server we can get.
Whonix needs a correct clock within 30 mins of the right time to access onion servers.