On Tue, Mar 01, 2016 at 07:51:48PM +0000, bancfc(a)openmailbox.org wrote:
>For better system anonymity (to decouple VM OS timestamps leaked in
>traffic from host ones) a feature can be added to the clock offset
>variable to select randomly from a specified range of seconds
>instead of a fixed number of seconds. That way a guest's clock can vary
>unpredictably from the host's and confuse correlation by network
>adversaries.
>
>Full Disclosure: I am from the Tor centric Whonix Project - whonix.org
>and this would be a very useful feature for us.
>
Interesting idea. Should this be automated, I would expect this to be
done above libvirt, using libvirt's APIs. Particularly virDomainSetTime
[1] could be of use. There's a virsh command for that as well, called
domtime that can be called from a script.

Agreed, this feature is really a specific usage policy. Libvirt aims to
focus on providing mechanism, letting specific policies be implemented
by the management applications using libvirt. We already allow the time
offset to be set to an arbitrary number of seconds, so apps starting a
guest can change that value as desired each time. So I don't think
there is anything we should do in libvirt for this.
Regards,
Daniel
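The policy discussed in this thread, picking a new clock offset from a range each time a guest is started and leaving libvirt to apply it, as an added example that is not part of the original messages or of libvirt itself. The function names, the sample domain XML and the ±120 second range are assumptions made for illustration; the offset is written using the domain XML's `<clock offset='variable' adjustment='N' basis='utc'/>` form.

```python
import secrets
import xml.etree.ElementTree as ET

# Constructed sample domain XML (trimmed); a real definition would come
# from the management application or from `virsh dumpxml`.
SAMPLE_DOMAIN_XML = """<domain type='kvm'>
  <name>example-guest</name>
  <clock offset='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
  </clock>
</domain>"""


def pick_offset(min_s, max_s):
    """Return a uniform integer in [min_s, max_s] drawn from the OS CSPRNG.

    A CSPRNG is used so an observer cannot predict the next offset from
    earlier ones, which is the point of the request in the thread.
    """
    if min_s > max_s:
        raise ValueError("min_s must not exceed max_s")
    return min_s + secrets.randbelow(max_s - min_s + 1)


def randomize_clock(domain_xml, min_s, max_s):
    """Return (new_xml, offset) with <clock> set to a fresh random offset."""
    root = ET.fromstring(domain_xml)
    clock = root.find("clock")
    if clock is None:
        clock = ET.SubElement(root, "clock")
    offset = pick_offset(min_s, max_s)
    # Switch to a fixed delta from UTC; child <timer> elements are kept.
    clock.attrib.pop("timezone", None)
    clock.set("offset", "variable")
    clock.set("basis", "utc")
    clock.set("adjustment", str(offset))
    return ET.tostring(root, encoding="unicode"), offset


if __name__ == "__main__":
    new_xml, offset = randomize_clock(SAMPLE_DOMAIN_XML, -120, 120)
    print(f"chosen offset: {offset:+d}s")
    print(new_xml)
```

A management script would run this on the guest's inactive definition before each start and hand the result back to libvirt, for example through `virsh define`.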