Steffen Nurpmeso wrote in
 <20230814202928.ufult%stef...@sdaoden.eu>:
 ...
 |visibility is.  (Mind you, OpenSSH is currently hardening itself
 |against [1], .. i personally would simply start ticking and run for
 |some time after the last keypress, that needs no floating-point
 |arithmetic, but i am an anti-mathematician :)
 |
 |  [1] https://people.eecs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf

Just to add that it turns out on openssh-unix-dev@ that i would
have been attackable due to

> Advanced attacks where attackers run loads on onion services that influence
> CPU activity and clock skew in predictable ways [2] may be possibly used to
> deanonymize them.
>
> We would suggest drawing the padding packet intervals from some other
> distribution instead of firing these off on a fixed timer. Basically, do what
> kloak does but at the network layer.

Yeah, making the intervals a bit uncertain seems like a reasonable
idea. This gives them 10% jitter.

So i had to think a bit more.
(If real user key presses are attached to interval packets,
i would leave it as is.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim