On Tue, Sep 27, 2016 at 09:15:47PM +0000, Jeremy Rand wrote: > johnyju...@sigaint.org: > >> The "listening" services are less of a concern, since the firewall > >> wouldn't permit any incoming connections to be passed through to start > >> with. It's the "phone home" style services, like time sync, Samba name > >> lookups on microsoft servers, and such, that are more concerning, and > >> privacy-busting. > > > > The paranoid part of me (which is about 95% of me) half-suspects that NTP > > is actively monitored by the powers that be, to keep tabs on us > > security-minded Linux geeks. > > > > There's been enough major security bugs in NTP, that one must wonder if > > they're akin to the heartbleed/rng/SSL/etc. compromises that don't > > necessarily look like innocent mistakes. > > > > Qubes is good at trying to get dom0 to push the time to the VM's by its > > own means. And if you set the ClockVM to sys-whonix, say, you remove, or > > at least greatly reduce, the ability of TPTB to track your setting your > > clock. :) > > > > However, as mentioned, the default of using NTP time syncing is enabled by > > default in the Debian-8 template, which defeats that protection for Debian > > Appvms, unless you disable it in the template. Just an oversight, I'm > > sure. (No sarcasm, for once.) > > > > My PC's RT clock might drift by a few seconds each week, if that; I'm not > > sure why time synchronization has to be so damn frequent and aggressive. > > A red flag for the paranoid. :) > > > > I have a RS232 GPS dongle that spits out the time with 1-second accuracy > > (or atomic-clock level accuracy, if you use the 1-second clock-tick signal > > available on one of the chips, which I have done, lol). > > > > I plan on hooking that up to my Qubes setup in the near future, and > > disabling network-based clock sync all together. > > > > (Until Qubes 4.0 comes out, forces me to upgrade to a newer motherboard > > with no RS232 support. :) ) > > > > Might be a good open-sourced hardware project. I think I've seen some out > > there already, although not necessarily integrated smoothly into Qubes. > > > > Just one more hole to make sure we plug. > > > > JJ > > You might find Jake Appelbaum's tlsdate interesting, or Adam Langley's > Roughtime. Both are quite a bit more secure than NTP, although tlsdate > doesn't work with TLS 1.3, and Roughtime is still a proof of concept. > > Cheers, > -Jeremy >
Or sdwdate in Whonix -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160927220140.GC5446%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
