[ntp:hackers] A stop-gap authenticated time service
terje at tmsw.no
Tue Nov 10 15:02:37 UTC 2015
Poul-Henning Kamp wrote:
> In message <20151110100916.GS11550 at localhost>, Miroslav Lichvar writes:
>> I think that depends on what error is acceptable.
> Of course it does!
> But there is a very big difference between "Drive-by attacker can
> shift your clock *anywhere he wants* and "determined attack can
> shift it a second or two before you notice".
phk is hitting the key point here:
With no attacker, the https HEAD gives at least second, and probably
sub-128 ms accuracy, while under a maximum attack (giving multiple
seconds RTT for the HEAD request, you simply note the fact that you're
probably under attack and start looking at all NTP relies with strong
- <Terje at tmsw.no>
"almost all programming can be viewed as an exercise in caching"
More information about the hackers