[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Time isolation?

Development
#1

I was wondering if it was possible to randomize identifying timestamps on socks/trans port connections either on uwt, workstation or gateway. My assumption is that it is currently easy to correlate activities using stream isolation as long as they share the same system time, i.e. originate from the same workstation

Or does this depend on the application or protocol whether it leaks the system time or not. If I use uwt stream isolation on the same application on same workstation that only deals with http, am I safe?

Is there any system that provides random system time for each application or multiple instances of applications, Qubes? Is this possible?

#2

A different idea related to time anonymity (could be separated from this thread), Whonix could include a small gui app designed to easily change the created/modified/accessed timestamps of files or folders. This would help people who share files to hide information from adversaries about the date of file creation/download/access. I don’t know if such a tool exists for linux. Perhaps mat (metadata anonymisation toolkit) could implement this feature, but even then it would take a long time for the feature to appear in stable debian repositories.

#3

This is an application level problem and not something Tor can be responsible for.

Normally a leaking protocol on a workstation leaks the randomly set time give to it by sdwdate. A different workstation would have a slightly different time.

#4

MAT cleans file metadata including that information. Its included in Whonix.

#5

Yeah, Tor could not solve that problem, that’s why I’m raising it up here, Whonix or Qubes are the only likely systems to have the motivation or background to solve this problem.

I was talking about setting up custom timestamps, like NewFileTime does for Windows. mat does clean the timestamp by putting the “cleaning” time on each file which is another issue. Real time anonymity means the ability to put fake information in timestamp

#6

Related, check this out. TODO documentation:
https://phabricator.whonix.org/T67

#7

Interesting. libfaketime does what you need for processes and files.

#8

Related - or the whole thing? Check this out inside Whonix:

Shows a man page that comes with explanations, options, examples and a demonstration.

Does this what you were suggesting? @z

#9

The whole thing because besides your scripts for spoofing system time for uwt wrapped processes, the libfaketime variable FAKETIME_SAVE_FILE can spoof timestamps for files.

Shows a man page that comes with explanations, options, examples and a demonstration.

Nice. Also its good that you upstream your works whenever possible.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]