Quote:
Originally Posted by brownbag
I wonder how much it will slow transfers down.
|
according to the paper the delay is so slight as to be undetectable by users.
while we're on the subject there's a new detection system in the wings, a really clever one that examines how internal computer clocks are affected by the
heat pcs generate. steven murdoch the researcher claims timing skews are so unique they're a virtual fingerprint, tracable right back to your machine.
here's how it works -
If an attacker wants to learn the IP address of a hidden server on the Tor network, he'll suddenly request something difficult or intensive from that server. The added load will cause it to warm up.
Because temperature affects how fast most electronics operate, warming up the machine causes microscopic changes in clock skew over time. Now the attacker queries computers on the public internet that he suspects of being the Tor server, looking for the shift in skew over the course of hours.
When he finds a computer that has guilty change in its timestamps, he has a match.
'It's actually quite hard to defend against,' says Murdoch. '(You can) lock the timestamp, but even without explicate timestamps, it's conceivable.'
he chose tor because of its stealthy attributes. as malk notes there are other ways of tracing users but ominously this new technique doesn't end there -
Ironically it might be the most extremely hardened computers that would be most vulnerable to this style of attack. Murdoch theorizes that military computers with precise time reporting should be easier than more casual networks like Tor, in the long run.
there's more in wir 12-30-06
- js.