Re: [libvirt] Enhancement: Random Clock Offset
On Tue, Mar 01, 2016 at 07:51:48PM +0000, bancfc(a)openmailbox.org wrote:
For better system anonymity (to decouple VM OS timestamps leaked in
traffic from host ones) a feature can be added to the clock offset
variable to select randomly from a specified range of seconds from
instead of a fixed number of seconds. That way a guest's clock can vary
unpredictably from the host's and confuse correlation by network
adversaries.
Full Disclosure: I am from the Tor centric Whonix Project - whonix.org
and this would be a very useful feature for us.
Interesting idea. Should this be automated, I would expect this to be
done above libvirt, using libvirt's APIs. Particularly virDomainSetTime
[1] could be of use. There's a virsh command for that as well, called
domtime that can be called from a script.
HTH,
Martin
[1] https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainSetTime
Attachments:
- signature.asc (application/pgp-signature — 819 bytes)