[ntp:hackers] ntpd getting used for DDoS

TSG - personal tglassey at earthlink.net
Wed Nov 6 15:07:33 UTC 2013


On 11/06/2013 05:54 AM, Greg Troxel wrote:
> TSG - personal <tglassey at earthlink.net> writes:
>
>> The other thing we can do is actually write terms into the NTP USE
>> LICENSE banning its use for any nefarious purposes. And while you say
>> "so what" - the power the IETFG has is its license and so it seems
>> like we almost have a responsibility to do this in todays world.
> Adding a no-nefarious-use clause to ntpd would cause it to no longer be
> Free or Open Source.
> (really: https://github.com/jshint/jshint/issues/1234)
>

Greg this is simply not true. In fact the refusal to say "Hey Bozo - you 
are not licensed to use this protocol to break the law anywhere" creates 
a liability here ... Look - the status of Open Source cannot allow you 
to break the law with the IP. Sorry its really that simple.

Also be very clear that the IETF license is for the standard not the 
actual code but to republish for standards-work-only the coding protocol 
standard... nothing else. So the code coming out of NTP.ORG is the issue.

And as to Free - if you are not forced to pay for the product/service it 
is free by its very packaging.

Todd




More information about the hackers mailing list