Changes

Page history
Adjust for ikiwiki → GitLab wiki authored by intrigeri's avatar intrigeri
Show whitespace changes
Inline Side-by-side
persistent_Tor_state.md
View page @ a5d53a93
[[!toc levels=3]]
[[_TOC_]]
# Big picture # Big picture
This is about [[!tails_ticket 5462]]. This is about tails/tails#5462.
There are a few good reasons for making Tor's data directory There are a few good reasons for making Tor's data directory
persistent: persistent:
...@@ -29,8 +31,8 @@ a persistence preset for it. ...@@ -29,8 +31,8 @@ a persistence preset for it.
* Using persistent Entry Guard(s) [is a problem for mobile * Using persistent Entry Guard(s) [is a problem for mobile
users](https://lists.torproject.org/pipermail/tor-talk/2012-October/025975.html), users](https://lists.torproject.org/pipermail/tor-talk/2012-October/025975.html),
as it gives attackers some bits for AdvGoalTracking (see [[the MAC as it gives attackers some bits for AdvGoalTracking (see [the MAC
address spoofing design documentation|contribute/design/MAC_address]]), address spoofing design documentation](https://tails.boum.org/contribute/design/MAC_address)),
even if this is less severe than it used to be, thanks even if this is less severe than it used to be, thanks
to the move to a single Entry Guard. We want to protect users to the move to a single Entry Guard. We want to protect users
against AdvGoalTracking, including versions thereof where the against AdvGoalTracking, including versions thereof where the
...@@ -372,7 +374,7 @@ Prerequisites: this can happen only once we don't rely anymore on the ...@@ -372,7 +374,7 @@ Prerequisites: this can happen only once we don't rely anymore on the
fact that certain files in `/var/lib/tor` are not persistent. fact that certain files in `/var/lib/tor` are not persistent.
More specifically: More specifically:
* [[!tails_ticket 5774]] needs to be resolved (our time syncing script * tails/tails#5774 needs to be resolved (our time syncing script
uses the existence of `cached-descriptors` as a test for whether Tor uses the existence of `cached-descriptors` as a test for whether Tor
is working, and a similar assumption is made for the is working, and a similar assumption is made for the
`*-consensus` files; `*-consensus` files;
...@@ -439,7 +441,7 @@ Finally, we seed the Tor PRNG with: ...@@ -439,7 +441,7 @@ Finally, we seed the Tor PRNG with:
Note that Entry Guard(s) selection depends on the current state of the Note that Entry Guard(s) selection depends on the current state of the
Tor network, and not only on how the Tor PRNG has been seeded. Tor network, and not only on how the Tor PRNG has been seeded.
See [[!tor_bug 2653]] for further ideas on this topic. See [bug #2653 on Tor Project's Trac](https://bugs.torproject.org/2653) for further ideas on this topic.
<a id="drawbacks"></a> <a id="drawbacks"></a>
...@@ -527,8 +529,7 @@ feature, hence: ...@@ -527,8 +529,7 @@ feature, hence:
habits now. habits now.
* We have considered requesting user input _once_, both to * We have considered requesting user input _once_, both to
parameterize Entry Guard selection, and for [[!tails_ticket parameterize Entry Guard selection, and for seeding the entropy pool (tails/tails#7675). This was discarded since the
desc="seeding the entropy pool" 7675]]. This was discarded since the
entropy pool seed should ideally contain, well, quite some entropy, entropy pool seed should ideally contain, well, quite some entropy,
while the requested user input for Entry Guard selection should be while the requested user input for Entry Guard selection should be
short, easy to type and to remember. short, easy to type and to remember.
...@@ -559,4 +560,5 @@ feature, hence: ...@@ -559,4 +560,5 @@ feature, hence:
randomly." (source: *Why MAC Address Randomization is not Enough: randomly." (source: *Why MAC Address Randomization is not Enough:
An Analysis of Wi-Fi Network Discovery Mechanisms*) An Analysis of Wi-Fi Network Discovery Mechanisms*)
* How is this impacted by the changes brought by [[!tor_bug 12600]]? * How is this impacted by the changes brought by [bug #12600 on Tor Project's Trac](https://bugs.torproject.org/12600)?