Re: BOINC software on OpenBSD

Tue, 18 Dec 2007 08:24:22 -0800 

> > Maybe I'll try it myself if this project is useful, I'll read their
> > webpage later. So far I run the distributed.net client on OpenBSD
> > boxes, which works similar, though not because the distributed.net
> > project is so useful in my opinion, but just to generate 100% CPU load
> > (which prevents a possible attack on another software I run). Boinc
> > could do the same for me.
>
> How does 100% load prevent an attack?

It's an attack on hidden services in the Tor network
https://www.torproject.org - you need to stabilize the temperature of
the server somehow to prevent the attack.

>From http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf - Hot or
Not: Revealing Hidden Services by their Clock Skew:

"Location-hidden services, as oo,ered by anonymity systems such as Tor,
allow servers to be operated under a pseudonym. As Tor is an overlay
network, servers hosting hidden services are accessible both directly
and over the anonymous channel. Trao,c patterns through one channel
have observable eo,ects on the other, thus allowing a service's
pseudonymous identity and IP address to be linked. One proposed
solution to this vulnerability is for Tor nodes to provide o,xed
quality of service to each connection, regardless of other trafo,c,
thus reducing capacity but resisting such interference attacks.
However, even if each connection does not ino,uence the others, total
throughput would still ao,ect the load on the CPU, and thus its heat
output. Unfortunately for anonymity, the result of temperature on
clock skew can be remotely detected through observing timestamps. This
attack works because existing abstract models of anonymity network
nodes do not take into account the inevitable imperfections of the
hardware they run on. Furthermore, we suggest the same technique could
be exploited as a classical covert channel and can even provide
geolocation."


And back on topic: I just tried the [EMAIL PROTECTED] client version
5.04beta on -current, works fine here with redhat_base installed and
started with the -openBSD option.

Tas.

Reply via email to