Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Father Time" Gets Another Year At NTP From Linux Foundation

Posted by samzenpus on from the another-trip-around-the-sun dept.

dkatana writes: Harlan Stenn, Father Time to some and beleaguered maintainer of the Network Time Protocol (NTP) to others, will stay working for the NTP another year. But there is concern that support will decline as more people believe that NTP works just fine and doesn't need any supervision. NTP is the preeminent time synchronization system for Macs, Windows, and Linux computers and most servers on networks. According to IW, for the last three-and-a-half years, Stenn said he's worked 100-plus hours a week answering emails, accepting patches, rewriting patches to work across multiple operating systems, piecing together new releases, and administering the NTP mailing list. If NTP should get hacked or for some reason stop functioning, hundreds of thousands of systems would feel the consequences. "If that happened, all the critics would say, 'See, you can't trust open source code,'" said Stenn.

9 of 157 comments (clear)

  1. Well, you *can't* trust open-source code by Anonymous Coward · · Score: 5, Insightful

    Nor can you trust closed-source code.

    But while "open source makes all bugs shallow" is demonstrably a fallacy, at least you CAN see the source if you need to. (Good luck understanding it, though - says this pretty good C developer who just about shit when he had to look at OpenSSL/SSH code...)

  2. Bus Factor by allquixotic · · Score: 5, Insightful

    With all due to respect to Harlan Stenn, and working under the assumption that he will choose to continue to maintain NTP for the good of everyone who uses it, the biggest donation that could possibly be given to the NTP project would be to increase its bus factor. Basically, we need at least another small handful of people -- ideally distributed throughout the world -- who have the same level of knowledge and expertise as Harlan in the area of network time, and can thus take his place if, for any reason whatsoever Harlan can't continue to work on the NTP project.

    Getting Harlan to continue working on it is a short-term solution, but the sustainable future is to ensure that we have maintainers who can take his place -- ideally, paid ones.

    So what we need is for a company like Red Hat or IBM or Microsoft or Canonical to bankroll a developer who has at least strong fundamentals that would enable them to quickly pick up advanced knowledge of network time, and then spend most of their working hours acquiring more knowledge about it so that it can be maintained going forward. This would probably involve a lot of ML posts with Harlan (or reading his previous ones), as well as any other developers/maintainers working on pieces of the code.

    If Harlan is absolutely instrumental to the project as it stands now, the solution is to have a backup or two, who ideally are being paid a living wage to ensure the continuity of knowledge and expertise if Harlan willingly or unwillingly stopped contributing.

    Projects with a bus factor of 1 that are widely relied upon need to be identified and highlighted every now and again -- not to make a case to shower the developer in money, but to get other developers to work in the same space and increase the bus factor to at least 3.

  3. Re:Nature of open source by Narcocide · · Score: 5, Insightful

    I got news for you; if NTP was non-free, it never would have been used outside of the lab where it was created. There would be 1000 competing network time sync strategies, Microsoft would blithely tell the whole world theirs is the best and universally compatible, while not actually being universally compatible with anything other than third-party malware, and it would be damned-near impossible for anyone without a Master's and 20 years of industry experience to succeed at establishing time synchronization across networks of machines supplied by a heterogeneous mix of OS and hardware vendors. You really want to take NTP and throw it in the same playpen where file-sharing and web-markup language standards got mangled? Really?

  4. Re:Simple by Smallpond · · Score: 4, Insightful

    BSD NTP client - 3K lines of code. Linux NTP client - 192K lines of code. Guess which has fewer bugs.

  5. not just NTP by Anonymous Coward · · Score: 3, Insightful

    it's not just NTP that is languishing, perhaps a dozen other open source projects that the Internet depends on, each with one greybeard maintainer, underfunded or neglected entirely, going away soon, lose that institutional knowledge.

    C'mon Apple, Google, Facebook, give back a little.

  6. Re:Upkeep by david_bonn · · Score: 3, Insightful

    A lot of it has to do with the fact that the system calls that you use to arrange time sync are, well, fragile and obscure and all-too-frequently broken by a new OS release. Also, a lot of bugs with respect to time synchronization are subtle and quick to anger and require quite a bit of time to reproduce and analyze.

    In some ways, it would be a heck of a lot easier if we just forgot about stuff like having a monotonically increasing clock and clock skew caused by network latency. Just have everyone hard-set their clock every day from a GPS receiver, say. Of course, you'd end up with poor synchronization amongst hosts, which would easily cause its own kind of havoc. And your timestamps would be untrustworthy during that period where you are hard-setting the clock. There isn't a perfect solution.

  7. Re:http://www.openntpd.org/ by Bengie · · Score: 4, Insightful

    It's been able to do 10ms accuracy for around the last year after they added the ability to adjust the kernel tick rate.

  8. NTP the protocal vs NTP the software package by davidwr · · Score: 4, Insightful

    Let's be clear here - we are talking about one particular software package - albeit a very popular one - and not the underlying protocol (which itself is subject to errata, some of which are still under discussion).

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  9. Re:Nature of open source by Anonymous Coward · · Score: 2, Insightful

    Here's the point where we differ.

    Except that is you just saying a fact is not a fact because you don't want it to be a fact. Microsoft uses the Network Time Protocol and it works across all the major operating systems, this is a fact and no amount of you saying "we differ" is going to change that.

    but its provably factually inaccurate based on numerous prior incidents.

    No you have it backwards, they use the open source, permissively licensed Network Time Protocol just like everybody else. That's why Windows, GNU/Linux and OSX machines can all synchronize time between them.

    which is that Microsoft *certainly* would sabotage NTP

    Except the irrefutable fact is that they did not and have not despite always being able to had they wanted to. You clearly need to be educated on permissive open source licensing.

    You purport to naively assume this to be the case

    I am not assuming anything, Windows syncs time perfectly well from a Linux server and it uses the Network Time Protocol (again permissively licensed) to do so, this is a fact, not an assumption. Does Windows *have* to use NTP? Of course not, but it would be pretty silly if they didn't. So why do you think they wouldn't? And if your thoughts on that are valid then why do they use the NTP instead?

    Frankly I've satisfied myself that you're a paid shill, so this conversation is over.

    Off you go then, ignore that NTP works just as well with Windows as it does with everything else, ignore that it is permissively licensed, ignore that if they wanted to then Microsoft could have created their own incompatible derivative any time they wanted yet they didn't.

    You're obviously upset that despite the *ability* to be as evil as you think they are they didn't capitalize on that opportunity. So the real question is why would *anybody* be so upset about that? It's not at all logical.