sdwdate: Secure Distributed Web Date

From Whonix
Jump to navigation Jump to search
sdwdate-gui Control Panel

sdwdate - Secure Distributed Web Date - in Whonix

sdwdate Documentation[edit]

Since Whonix is based on Kicksecure, the user can follow these instructions Kicksecure logo Sdwdate The Web Archive Onion Version (links to the Kicksecure website)

Whonix specific[edit]

Whonix sets configuration option RANDOMIZE_TIME=true through package anon-apps-configarchive.org /etc/sdwdate.d/40_anon-apps-config.confarchive.org RANDOMIZE_TIME=true.

prerequisite knowledge: Timezone

Do sdwdate issues impact anonymity?[edit]

sdwdate failing doesn't mean deanonymized.

Even sdwdate does not work, there's still Boot Clock Randomization

To put it into perspective, Tor Browser Bundle on the host operating system (unrelated to Whonix) have neither sdwdate nor Boot Clock Randomization.

This is similar to asking "How secure is Whonix)?" See: Security Overview and Whonix Protection against Real World Attacks.

sdwdate-gui makes Tor issues in more visible due to its graphical indication and easily accessible logs. It would be an Unsubstantiated conclusion to deduct that sdwdate is the cause of Tor issues.

The time of sdwdate issues matters. If sdwdate fails

  • A) during its first run after boot then that's worse than,
  • B) sdwdate failing during any subsequent runs.

In case of A), the user would only be protected by Kicksecure logo Boot Clock Randomization The Web Archive Onion Version .

In case of B), it is less of an issue because it is only for time keeping in long running VMs. For example, if sdwdate succeeded after boot but then would only succeed once per day in long running VMs that might still be good enough.

Planned sdwdate-gui enhancements include:

  • Only showing sdwdate failure if sdwdate failed after boot and multiple times in long running VMs.
  • Making Tor log output (anon-log) more accessible. This might help to redirect the often misplaced attention on sdwdate to Tor.

See Also[edit]

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!