timedatectl Should Not be Enabled by Default: Privacy/Anonymity risks
bancfc
bancfc at openmailbox.org
Wed Jul 29 05:06:56 BST 2015
The attacks we are trying to protect against are described here:
https://www.whonix.org/wiki/Time_Attacks
The threat model are network adversaries ranging from ISP level to major
ones. With mass surveillance everywhere its necessary to take this
threat model into account before taking decisions about how a distro
should work.
On 07/27/2015 07:55 AM, intrigeri wrote:
> Hi,
>
> bancfc wrote (26 Jul 2015 18:19:59 GMT) :
>> The research comes from WhonixOS a privacy centric distro like TAILS.
>
> For the record, this does not imply any position from Tails regarding
> this topic: the Tails threat model generally does not apply as-is
> to Debian.
Yes I should have made that clear. I mention TAILS to tell people what
Whonix is about because they might only be familiar about the former
because of news stories.
>
> Also, it would be good to describe what exact threat model you see
> timedatectl as a security/privacy problem, so Debian has the data to evaluate
> if/how its default installation settings behave in that context:
> looking at one single potential issue in isolation does not make much
> sense to me, if there are potentially dozens of other ways for an
> attacker to do what they want. Thanks in advance!
>
> To end with, I'm wondering whether this email is really
> about timesyncd.
Its about the threats of insecure time synchronization in general but it
also concerns timesyncd that could play a part in this if enabled by
default.
>
> Cheers,
>
More information about the Pkg-systemd-maintainers
mailing list