Re: [tor-talk] TorBirdy Not Allowing Connections to Servers

2012-07-20 Thread Sebastian G.
Jacob Appelbaum:
> Ethan Lee Vita:
>> Pop servers (I don't use imap) don't connect while using TorBirdy, nor
>> do SMTP servers. It just sticks at 'Connecting to
>> pop.someserver.org...', not even asking for user password. SMTP comes up
>> with Thunderbird didn't connect to SMTP error. TorBirdy did work until I
>> upgraded from v0.0.4 to v0.0.9 and hasn't worked since (currently on
>> v0.0.10). I've been trying to figure this out for some time, but after
>> playing with Thunderbird settings, searching online, and updating to
>> other versions of TorBirdy (trying again every few days), I've had no
>> success and had to disable TorBirdy.
> 
> Are you trying to use pop3 without SSL/TLS? If so, I think this is
> expected behavior - we didn't want anyone to insecurely check
> pop/imap/smtp over Tor unless they *really* know what they're doing.
> 

Despite the fact that this might not be the reason for the error,
shouldn't TorBirdy display some kind of message when it discards
connections because they are not encrypted?

"TorBirdy has prevented potentially unwanted information disclosure.
Please use SSL/TLS to encrypt the connection(s)."

or something else. At least users should know that TorBirdy is the
reason why they can't connect. Maybe even telling why exactly this is
the case.

If you agree, I could create a ticket.

Regards,
Sebastian
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] secure and simple network time (hack)

2012-07-20 Thread adrelanos
intrigeri:
> There are a few pieces of software called htpdate, and the one Tails
> uses only connects to HTTPS servers, and delegates to wget the X.509
> certificates validation:
> https://tails.boum.org/contribute/design/Time_syncing/#index3h2

Unfortunately, neither wget nor any other command line downloader
supports pinning the certificate of the website.
https://lists.gnu.org/archive/html/bug-wget/2012-07/msg7.html

So it still depends on the flawed root CA system.

(Don't take this too harshly. Although there is space for improvement I
seriously consider adding tails_htp to aos. Thanks to the distributed
trust model, I think it's currently the safest method.)

> In addition, the pal/foe/neutral pool system Tails uses gives *some*
> protection against untrustworthy sources of time information, which
> limits what one can do with only a few illegitimate X.509 certificates
> they got from a "trusted" CA:
> https://tails.boum.org/contribute/design/Time_syncing/#index4h2

If I understand correctly, you pick three random servers. One from each
pool. And then build the median of the three.

What's the point of asking the foe pool? (Servers which generally do not
care about privacy.)

Why doesn't tails_htp ask more than three servers for the time and build
the median? Like 6, 9 or 12.
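Added example, not part of the original message and not code from Tails or tails_htp: a sketch of the selection described above (one randomly chosen server per pool, then the median of the reported times), generalized to any number of sources to show how many wrong clocks a median absorbs. Host names, pool contents and response headers are constructed sample data.

```python
import random
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from statistics import median

# Constructed sample data: raw HTTP response headers per host, grouped by pool.
# Host names are hypothetical; "foe1.example" reports a clock four years slow.
POOLS = {
    "pal": {
        "pal1.example": "HTTP/1.1 200 OK\r\nDate: Fri, 20 Jul 2012 12:00:03 GMT\r\n",
        "pal2.example": "HTTP/1.1 200 OK\r\nDate: Fri, 20 Jul 2012 12:00:01 GMT\r\n",
    },
    "neutral": {
        "neutral1.example": "HTTP/1.1 200 OK\r\ndate: Fri, 20 Jul 2012 11:59:58 GMT\r\n",
    },
    "foe": {
        "foe1.example": "HTTP/1.1 200 OK\r\nDate: Sun, 20 Jul 2008 12:00:00 GMT\r\n",
    },
}


def http_date(raw_headers):
    """Return the Date header of a raw HTTP response as an aware datetime."""
    for line in raw_headers.split("\r\n")[1:]:      # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "date":  # header names are case-insensitive
            return parsedate_to_datetime(value.strip())
    raise ValueError("response carries no Date header")


def sample_one_per_pool(pools, rng):
    """Pick one host at random from every pool."""
    return [(pool, rng.choice(sorted(hosts))) for pool, hosts in sorted(pools.items())]


def median_time(times):
    """Median of the reported clocks, computed on epoch seconds."""
    if not times:
        raise ValueError("no time samples")
    return datetime.fromtimestamp(median(t.timestamp() for t in times), tz=timezone.utc)


def tolerated_liars(n_sources):
    """Largest number of wrong sources for which the median of n_sources
    still lies between two honest values."""
    return (n_sources - 1) // 2


def sync(pools, rng):
    """One round: a host per pool, parse each Date header, take the median."""
    picks = sample_one_per_pool(pools, rng)
    return median_time([http_date(pools[pool][host]) for pool, host in picks])


if __name__ == "__main__":
    print("median of one pal, one neutral, one foe:", sync(POOLS, random.Random()))
    for n in (3, 6, 9, 12):
        print(f"{n} sources tolerate {tolerated_liars(n)} wrong clock(s)")
```

With three sources the median ignores one wrong clock; two sources that agree on a wrong time decide the result.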


Re: [tor-talk] secure and simple network time (hack)

2012-07-20 Thread adrelanos
intrigeri:
> Hi,
> 
> adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
>> To make our life even worse... Sorry... But not using NTP and only
>> emitting Tor traffic is also pretty clearly Tails. Because that puts
>> you in the group of users "Uses Tor, nothing else, but does not use
>> NTP? How many people act like this?". So you should at least emit
>> a fake NTP query (when others that usually do) and drop it.
> 
> This is indeed true for a non-shared public IP, and is mitigated to
> some degree when sharing an IP (e.g. behind home router NAT,
> concurrently with other non-Tails systems).

Yes.

> Looks like we'll need to think a bit more what kind of fingerprinting
> resistance a system like Tails can reasonably pretend to at this scale.

Don't give up too early. Man ntpdate says there is "-q Query only -
don't set the clock.". That's perfect for a fake NTP query.

I just haven't found out how to tell ntpd to do the same. That is
required for a good fake.


Re: [tor-talk] secure and simple network time (hack)

2012-07-20 Thread intrigeri
Hi,

Jacob Appelbaum wrote (19 Jul 2012 23:48:48 GMT) :
> The key difference with htpdate is that one has a cryptographic
> signature. I'll take a subset of possible MITM attackers over fully
> trusting something that anyone could MITM.

I think this is wrong in the context of Tails.

There are a few pieces of software called htpdate, and the one Tails
uses only connects to HTTPS servers, and delegates to wget the X.509
certificates validation:
https://tails.boum.org/contribute/design/Time_syncing/#index3h2

In addition, the pal/foe/neutral pool system Tails uses gives *some*
protection against untrustworthy sources of time information, which
limits what one can do with only a few illegitimate X.509 certificates
they got from a "trusted" CA:
https://tails.boum.org/contribute/design/Time_syncing/#index4h2

Thanks a lot for your detailed answer!
I'll think about the rest later.

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


Re: [tor-talk] secure and simple network time (hack)

2012-07-20 Thread intrigeri
Hi,

adrelanos wrote (18 Jul 2012 18:37:18 GMT) :
> To make our life even worse... Sorry... But not using NTP and only
> emitting Tor traffic is also pretty clearly Tails. Because that puts
> you in the group of users "Uses Tor, nothing else, but does not use
> NTP? How many people act like this?". So you should at least emit
> a fake NTP query (when others that usually do) and drop it.

This is indeed true for a non-shared public IP, and is mitigated to
some degree when sharing an IP (e.g. behind home router NAT,
concurrently with other non-Tails systems).

Looks like we'll need to think a bit more what kind of fingerprinting
resistance a system like Tails can reasonably pretend to at this scale.

(I'm re-adding the Cc to tails-dev, that was lost at some point.
Please don't drop it again.)

Cheers!
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


Re: [tor-talk] Torbirdy and gpg --throw-keyids

2012-07-20 Thread Tom Ritter
I agree with Jake.  Less information disclosed is better.

Under some circumstances I will encrypt a message to recipients not in the
email. For example, if I am emailing on behalf of a group, I will encrypt to
the group, even if I do not CC/BCC them, because I consider it a 'trust' thing.
I never intended them to not be able to read that message, so I portray it.
(It's also super-handy if I need to forward the email from a phone w/o my key.)
Another situation could be encrypting emails to a backup key of my own. Or
even (whip me for suggesting it) encrypting to a message escrow service of some
kind.

So throwing the keyids of everyone but the recipient and sender is very good, 
and should be done.  I argue strongly for that.

Under some strange circumstances, the receiver and/or sender may have a 
non-public key that the message would be encrypted to, that they would not like 
to disclose the existence of.  It could be used to segment working vs personal 
relationships, keep a high-security key under wraps for use with your spouse, 
be a project specific key, or perhaps be used to bypass a previously theorized 
key escrow service.  If I was performing reconnaissance on someone, and say 85% 
of their traffic went to a public key on a keyserver, and 15% went to an 
undisclosed key - that's strange.

But on the flip side, it's obvious the message is encrypted to the recipient(s) 
specified on the email and the sender saw it unencrypted... and in some cases 
those recipients may be greatly inconvenienced by throwing the keyids - as in 
your case.  So throwing the keyids of the recipient(s) is still arguably 
important, but less so than third-parties.  I could go either way on it.

It almost seems like it could be worth codifying a preference in the OpenPGP 
standard. Potentially interpreting 
http://tools.ietf.org/html/rfc4880#section-5.2.3.17 to also imply throw-keyid 
or adding a new option.

-tom


Re: [tor-talk] TorBirdy Not Allowing Connections to Servers

2012-07-20 Thread Ethan Lee Vita
Jacob Appelbaum:
> Are you trying to use pop3 without SSL/TLS? If so, I think this is
> expected behavior - we didn't want anyone to insecurely check
> pop/imap/smtp over Tor unless they *really* know what they're doing.

I've had SSL/TLS enabled from the beginning of my Thunderbird use, with
and without TorBirdy, so that shouldn't be the problem. I've been using
port 465, which I read was the proper port for SSL to work with. And
using normal password authentication. I don't think it gets that far
though as it shows no sign of any successful connection and when not
working, doesn't prompt for any password.

> It could be - feel free to document your expected setup here?

What exactly do you want to know? I have both riseup & Google accounts,
having followed their config settings for server names & default ports
(995 for pop & 465 for SMTP), which I've rechecked repeatedly.

I've barely touched the config editor.
- Changed network.proxy.socks_remote_dns to true when I attempted to
torify Thunderbird before TorBirdy. It didn't work so I changed it back
to false.
- mail.server.default.autosync_offline_stores to true
- use_status_for_biff to false (I don't use imap, but tweaked this in
case I ever changed my mind and forgot this existed)

-- 
Ethan Lee Vita
Professional Agorist


Re: [tor-talk] Torbirdy and gpg --throw-keyids

2012-07-20 Thread Tim Wilde
On 7/18/2012 6:19 PM, Jacob Appelbaum wrote:
> The gpg manpage says the following:
> 
> Do not put the recipient key IDs into encrypted messages. This
> helps to hide the receivers of the message and is a limited
> countermeasure against traffic analysis. ([Using a little social
> engineering anyone who is able to decrypt the message can check
> whether one of the other recipients is the one he suspects.]) On
> the receiving side, it may slow down the decryption process
> because all available secret keys must be tried. --no-throw-keyids
> disables this option. This option is essentially the same as
> using --hidden-recipient for all recipients.
> 
> So let's say that I use gpg to encrypt the message to you, to me,
> and to an additional key. I would reveal my own gpg key (which you
> may not know, which may not be public), your key (which may be used
> to ask you to disclose a specific key), and finally - it reveals
> the third party which is not otherwise involved in the email
> message headers at all.
> 
> I'd prefer that this isn't revealed at all and lucky for us, gpg
> allows us to hide that information.

Jake,

Maybe I'm being dense, but under what circumstances does it make sense
for a GPG public key to be ... not public?  I genuinely would like to
better understand your position.  My specific questions on your example:

* If you want to hide your key from me, how do you expect me to reply
to the communication while maintaining the confidentiality?  I don't
understand a use case in which this would make sense.  Hiding it from
the public is one thing, but hiding it from the recipient?

* What do you mean by "may be used to ask you to disclose a specific
key", exactly?  The only thing doing the "asking" is my trusted local
GPG instance, and in the case of --throw-keyids, it will actually be
asking me /more/ questions and causing significantly more risk of
information disclosure in the case of system compromise (but if my
system is already compromised, I've already lost, so I still don't
understand the threat profile here either).

* I won't argue about the third party, but that's already handled
automatically by Enigmail when you BCC, which is typically the only
way that third party key would get in the mix in a standard Enigmail
use case scenario.

Additional to all of this, the GPG key itself is never being disclosed
here, just its key ID.  It's still giving a unique identifier from
which you can build a social graph, I'll grant you, but again, I'd
argue that it's a real stretch to say this information is anything
more than is already disclosed in the required SMTP headers.

Please, educate me!

Thanks,
Tim

-- 
Tim Wilde, Software Engineer, Team Cymru, Inc.
twi...@cymru.com | +1-847-378- | http://www.team-cymru.org/


Re: [tor-talk] TorBirdy Not Allowing Connections to Servers

2012-07-20 Thread Sukhbir Singh
Hi,

Ethan Lee Vita:
> Could someone share some advice on where to look for a solution? I've
> not seen any mention via online searches, this list, or the bug tracker
> regarding anyone else having this problem, so I suspect it's something on
> my end.

To add to what Jake said, either try accessing POP/SMTP over SSL, or to
help you better diagnose this: install TorBirdy 0.0.10 and then
configure your account manually (TorBirdy will set the recommended
security settings itself).

Let us know if this issue persists.

-- 
Sukhbir


Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

2012-07-20 Thread adrelanos
Jacob Appelbaum:
> So does that mean you do or do not like DNSSEC? :)

Can't say, I didn't dig into that deep enough.

> I'd like to see a normal ntp client that runs over Tor safely - can
> you show us an example of a way to do that? If so, I'd gladly
> consider running such an NTP service. I already run a normal UDP
> OpenNTP server in the pool.

>> The system can not be adapted since you will have a hard time
>> finding public, free NTP servers, which support authenticated
>> NTP. And even if you find a very few, you can not rely on a small
>> amount of servers. A big pool is required for distributed
>> trust.
> 
> That's a resource issue, not a technical issue. We can solve both,
> I think. I'd like to know if someone has actually used normal NTP
> clients over Tor, even with private servers and found that it was
> suitable?

Ok, I am sorry, I messed up. There is no way to run NTP *directly*
over TCP. I found the following interesting posts about this issue:
http://lists.ntp.org/pipermail/questions/2007-October/015832.html
http://lists.ntp.org/pipermail/questions/2007-October/015834.html
http://lists.ntp.org/pipermail/questions/2007-October/015859.html

We could run NTP over Tor, if we tunnel UDP over OnionCat. Due to
usage of hidden services, Tor would provide authentication. (NTP
autokey could be added for another layer of authentication.) But it
would be NTP over TCP over UDP, which wouldn't be (according to the
posts above) exact as ordinary NTP over TCP.

I don't know how much less accurate it would be and if that is a good
idea or not. Or if we find willing people to run it. Please discuss. If
there is interest, it could be tried to develop some instructions how to
provide NTP as hidden service and share the result in the tpo wiki.


Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

2012-07-20 Thread Jacob Appelbaum
adrelanos:
> Jacob Appelbaum:
>> I think adding an option to verify the leaf certificate's
>> fingerprint, rather than just the signature alone would be a fine
>> idea.
> 
> Yes, then we could ask eff, tpo and similars about their policy to
> change the certificates. If we pin their certificates, we don't have
> to trust any CAs.
> 

I'd prefer to trust a CA (or well, Tor identity) run by EFF, Tor or
someone else.

>> so, it depends a lot on what you mean by "getting rid of all CAs"
> 
> In this particular discussion I meant "no need to use any CAs". (In
> general I would be happy to see a widespread replacement for the CAs
> as a whole.)
> 

So does that mean you do or do not like DNSSEC? :)

>>> And even if you use only a single source over TLS (pinned) as
>>> time source... How is it better than using a single authenticated
>>> NTP server over TCP?
>>
>> I've never seen a system that shipped with authenticated NTP
>> enabled.
> 
> It doesn't exist, unfortunately. It's also a critical security
> vulnerability in all major operating systems, not only for Tor users,
> for anyone. No one cares about it as long as no one uses it for a big
> scale attack. If an attacker moves back the time several years he can
> use revoked certificates.

I agree. That's one of the reasons why I have been working on tlsdate.

> 
>> I'm sure it has happened but generally, ntp is unauthenticated and
>> is run as a UDP service.
> 
> Yes.
> 
>> I'd be interested to see a client configuration that works over TCP
>> and has strong integrity protection of the remote time.
> 
> It's certainly possible but almost no one is using it. I found two
> guides about adding authentication to NTP.
> https://ntp3.sp.se/howto.html
> http://support.ntp.org/bin/view/Support/ConfiguringAutokey
> 
> (Over TCP is possible as well, Google tells.)

I'd like to see a normal ntp client that runs over Tor safely - can you
show us an example of a way to do that? If so, I'd gladly consider
running such an NTP service. I already run a normal UDP OpenNTP server
in the pool.

> 
> As Tails pointed out...
> https://tails.boum.org/todo/authenticate_time_servers/
> https://tails.boum.org/contribute/design/Time_syncing/
> 
> The system can not be adapted since you will have a hard time finding
> public, free NTP servers, which support authenticated NTP. And even if
> you find a very few, you can not rely on a small amount of servers. A
> big pool is required for distributed trust.

That's a resource issue, not a technical issue. We can solve both, I
think. I'd like to know if someone has actually used normal NTP clients
over Tor, even with private servers and found that it was suitable?

All the best,
Jacob


Re: [tor-talk] TorBirdy Not Allowing Connections to Servers

2012-07-20 Thread Jacob Appelbaum
Ethan Lee Vita:
> Pop servers (I don't use imap) don't connect while using TorBirdy, nor
> do SMTP servers. It just sticks at 'Connecting to
> pop.someserver.org...', not even asking for user password. SMTP comes up
> with Thunderbird didn't connect to SMTP error. TorBirdy did work until I
> upgraded from v0.0.4 to v0.0.9 and hasn't worked since (currently on
> v0.0.10). I've been trying to figure this out for some time, but after
> playing with Thunderbird settings, searching online, and updating to
> other versions of TorBirdy (trying again every few days), I've had no
> success and had to disable TorBirdy.

Are you trying to use pop3 without SSL/TLS? If so, I think this is
expected behavior - we didn't want anyone to insecurely check
pop/imap/smtp over Tor unless they *really* know what they're doing.

> 
> Could someone share some advice on where to look for a solution? I've
> not seen any mention via online searches, this list, or the bug tracker
> regarding anyone else having this problem, so I suspect it's something on
> my end.
> 

It could be - feel free to document your expected setup here?

> I only have copies of github versions, so if someone could share the
> xpis 5 & 6, I could report on which version I started having problems with.
> 

It's likely that you started to have problems when we forced the
connections to be secure by default.

All the best,
Jacob


[tor-talk] TorBirdy Not Allowing Connections to Servers

2012-07-20 Thread Ethan Lee Vita
Pop servers (I don't use imap) don't connect while using TorBirdy, nor
do SMTP servers. It just sticks at 'Connecting to
pop.someserver.org...', not even asking for user password. SMTP comes up
with Thunderbird didn't connect to SMTP error. TorBirdy did work until I
upgraded from v0.0.4 to v0.0.9 and hasn't worked since (currently on
v0.0.10). I've been trying to figure this out for some time, but after
playing with Thunderbird settings, searching online, and updating to
other versions of TorBirdy (trying again every few days), I've had no
success and had to disable TorBirdy.

Could someone share some advice on where to look for a solution? I've
not seen any mention via online searches, this list, or the bug tracker
regarding anyone else having this problem, so I suspect it's something on
my end.

I only have copies of github versions, so if someone could share the
xpis 5 & 6, I could report on which version I started having problems with.

-- 
Ethan Lee Vita
Professional Agorist


Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

2012-07-20 Thread adrelanos
Jacob Appelbaum:
> I think adding an option to verify the leaf certificate's
> fingerprint, rather than just the signature alone would be a fine
> idea.

Yes, then we could ask eff, tpo and similars about their policy to
change the certificates. If we pin their certificates, we don't have
to trust any CAs.

> so, it depends a lot on what you mean by "getting rid of all CAs"

In this particular discussion I meant "no need to use any CAs". (In
general I would be happy to see a widespread replacement for the CAs
as a whole.)

>> And even if you use only a single source over TLS (pinned) as
>> time source... How is it better than using a single authenticated
>> NTP server over TCP?
> 
> I've never seen a system that shipped with authenticated NTP
> enabled.

It doesn't exist, unfortunately. It's also a critical security
vulnerability in all major operating systems, not only for Tor users,
for anyone. No one cares about it as long as no one uses it for a big
scale attack. If an attacker moves back the time several years he can
use revoked certificates.

> I'm sure it has happened but generally, ntp is unauthenticated and
> is run as a UDP service.

Yes.

> I'd be interested to see a client configuration that works over TCP
> and has strong integrity protection of the remote time.

It's certainly possible but almost no one is using it. I found two
guides about adding authentication to NTP.
https://ntp3.sp.se/howto.html
http://support.ntp.org/bin/view/Support/ConfiguringAutokey

(Over TCP is possible as well, Google tells.)

As Tails pointed out...
https://tails.boum.org/todo/authenticate_time_servers/
https://tails.boum.org/contribute/design/Time_syncing/

The system can not be adapted since you will have a hard time finding
public, free NTP servers, which support authenticated NTP. And even if
you find a very few, you can not rely on a small amount of servers. A
big pool is required for distributed trust.


Re: [tor-talk] More secure hidden service as client or relay?

2012-07-20 Thread HardKor
When you run a relay, your IP becomes public so it gives some information
about you and your potential location. If your enemy knows that you are in
a specific region, for example, it could become dangerous for you!
On the other hand, it would be more difficult for your enemy to exploit the
dump of your communications to conclude that you are the hidden service
owner than if you run a client.

Don't forget to restrict the access to your service, don't let it open
world wide ;)

On Fri, Jul 20, 2012 at 1:16 AM, Daniel Dennis  wrote:

> I read about a successful attack on hidden services. The two major
> attacks I remember were 1) Looking at IP addresses in the network and
> check if the hidden service is up. When it's down you can narrow the IP
> address down. 2) Disconnecting and reconnecting to the hidden service
> hoping you become a peer and use a timing attack. This is prevented by
> node guards which was talked about in the PDF (before and after the
> guards).
>
> That same PDF mentioned clients were easier to find than relays. I'm not
> sure why.
> Right now at this moment what is more secure when running a hidden
> service. When being a client or relay?
>
> --
> http://www.fastmail.fm - Or how I learned to stop worrying and
>   love email again
>


Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

2012-07-20 Thread Jacob Appelbaum
adrelanos:
> Jacob Appelbaum:
>>> If anything, TLS is much harder to get right (see issue #16 on
>>> GitHub, for instance — tlsdate is currently susceptible to a MITM
>>> attack).
>>
>> It's a work in progress, of course. I use it with a pinned CA, so
>> in such a case, users are not vulnerable to a MITM attack unless
>> one can get certs from that specific CA.
> 
> Wouldn't it be better to get rid of all CAs? Rather pin the CA
> certificate of certain websites instead of pinning a CA?
> 

Sure - practically this is the same thing - except, you might run a CA
yourself, with a rotating key on the server. The abstraction is nice as
it allows you to keep the trusted key offline.

I think adding an option to verify the leaf certificate's fingerprint,
rather than just the signature alone would be a fine idea.

Also, there is a TODO item that specifically addresses this with
TLSA/DANE/CAA but that relies on DNSSEC. DNSSEC is basically the CA
system done slightly differently, so, it depends a lot on what you mean
by "getting rid of all CAs" - Moxie has said a lot about this topic but
I suspect he's not on the list.

> And even if you use only a single source over TLS (pinned) as time
> source... How is it better than using a single authenticated NTP
> server over TCP?

I've never seen a system that shipped with authenticated NTP enabled.
I'm sure it has happened but generally, ntp is unauthenticated and is
run as a UDP service. I'd be interested to see a client configuration
that works over TCP and has strong integrity protection of the remote time.

All the best,
Jacob
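Added example, not part of the original message and not tlsdate code: one way to check the leaf certificate's SHA-256 fingerprint in addition to the normal CA and host name validation, as proposed above. The function names and the idea of accepting a list of pins (current certificate plus a backup for rotation) are assumptions; the sample bytes used for the offline check are constructed and are not a real certificate.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-in for DER certificate bytes, used only for the offline check.
CONSTRUCTED_DER = b"constructed stand-in for DER-encoded leaf certificate"


def normalize_pin(pin):
    """Accept 'AA:BB:...' or 'aabb...' and return 64 lowercase hex digits."""
    cleaned = pin.replace(":", "").replace(" ", "").lower()
    if len(cleaned) != 64 or any(c not in "0123456789abcdef" for c in cleaned):
        raise ValueError("pin must be a SHA-256 fingerprint (32 bytes of hex)")
    return cleaned


def leaf_fingerprint(der_cert):
    """SHA-256 over the DER encoding of the leaf certificate."""
    return hashlib.sha256(der_cert).hexdigest()


def leaf_is_pinned(der_cert, pins):
    """True if the leaf fingerprint equals any configured pin."""
    actual = leaf_fingerprint(der_cert)
    matched = False
    for pin in pins:
        # compare_digest avoids leaking how many leading characters matched
        matched |= hmac.compare_digest(actual, normalize_pin(pin))
    return matched


def fetch_pinned_leaf(host, pins, port=443, timeout=10.0):
    """Handshake with CA and host name verification, then require a pinned leaf.

    Returns the leaf certificate (DER) on success; raises ssl.SSLError before
    any application data is exchanged if the leaf is not pinned.
    """
    ctx = ssl.create_default_context()  # chain and host name are still verified
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            if der is None or not leaf_is_pinned(der, pins):
                raise ssl.SSLError("leaf certificate matches no pinned fingerprint")
            return der


if __name__ == "__main__":
    # Offline demonstration on the constructed bytes; no network access needed.
    pin = ":".join(f"{b:02X}" for b in hashlib.sha256(CONSTRUCTED_DER).digest())
    print("pin:", pin)
    print("same bytes accepted:", leaf_is_pinned(CONSTRUCTED_DER, [pin]))
    print("other bytes accepted:", leaf_is_pinned(b"another certificate", [pin]))
```

A pinned leaf has to be re-pinned whenever the server replaces its certificate, which is why the check takes a list of pins.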


Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

2012-07-20 Thread adrelanos
Jacob Appelbaum:
>> If anything, TLS is much harder to get right (see issue #16 on
>> GitHub, for instance — tlsdate is currently susceptible to a MITM
>> attack).
> 
> It's a work in progress, of course. I use it with a pinned CA, so
> in such a case, users are not vulnerable to a MITM attack unless
> one can get certs from that specific CA.

Wouldn't it be better to get rid of all CAs? Rather pin the CA
certificate of certain websites instead of pinning a CA?

And even if you use only a single source over TLS (pinned) as time
source... How is it better than using a single authenticated NTP
server over TCP?