[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] Enhancement: Random Clock Offset



On Tue, Mar 01, 2016 at 07:51:48PM +0000, bancfc openmailbox org wrote:
For better system anonymity (to decouple VM OS timestamps leaked in
traffic from host ones) a feature can be added to the clock offset
variable to select randomly from a specified range of seconds from
instead of a fixed  number of seconds. That way a guest's clock can vary
unpredictably from the host's and confuse  correlation by network
adversaries.

Full Disclosure: I am from the  Tor centric Whonix Project - whonix.org
and this would be a very useful feature for us.


Interesting idea.  Should this be automated, I would expect this to be
done above libvirt, using libvirt's APIs.  Particularly virDomainSetTime
[1] could be of use.  There's a virsh command for that as well, called
domtime that can be called from a script.

HTH,
Martin

[1] https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainSetTime

Attachment: signature.asc
Description: Digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]