“sudo echo 0 > /proc/sys/net/ipv4/tcp_timestamps” alone isn’t good advice. Does not survive reboot. And it’s already documented here:
Why duplicate it?
And if we wanted duplicates, we should use templates to avoid a delta.
To mitigate TCP ISNs you must avoid sending any traffic clearnet.In that context... How is that possible? Tor traffic itself uses TCP. I am not talking about what's inside the Tor streams. Talking about a Tor client's own connections to Tor relays [or bridges]. Such as the initial connection handshake. Tor uses the operating systems's usual routines for that, hence the kernel's TCP, hence TCP ISNs will leak. Not?