Network Time Protocol Hardened To Protect Users From Spying, Increase Privacy (theregister.co.uk)
AmiMoJo quotes the Register: The Internet Engineering Task Force has taken another small step in protecting everybody's privacy... As the draft proposal explains, the RFCs that define NTP have what amounts to a convenience feature: packets going from client to server have the same set of fields as packets sent from servers to clients... "Populating these fields with accurate information is harmful to privacy of clients because it allows a passive observer to fingerprint clients and track them as they move across networks".
The header fields in question are Stratum, Root Delay, Root Dispersion, Reference ID, Reference Timestamp, Origin Timestamp, and Receive Timestamp. The Origin Timestamp and Receive Timestamp offer a handy example of a "particularly severe information leak". Under NTP's spec (RFC 5905), clients copy the server's most recent timestamp into their next request to a server – and that's a boon to a snoop-level watcher.
The proposal "proposes backward-compatible updates to the Network Time Protocol to strip unnecessary identifying information from client requests and to improve resilience against blind spoofing of unauthenticated server responses." Specifically, client developers should set those fields to zero.
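As an added illustration (not code from the draft, the Register, or any NTP implementation), the following builds a 48-byte RFC 5905 client request both ways: the legacy form that echoes the server's Stratum, Root Delay, Root Dispersion, Reference ID, Reference Timestamp, Origin Timestamp and Receive Timestamp back, and the hardened form that zeros those seven fields. The `leaking_fields` check is what an operator could run over their own clients' outbound requests to confirm the fields are really zero; the server reply is a constructed sample, not a capture.

```python
import struct

# RFC 5905 fixed 48-byte NTP header, network byte order: LI/VN/Mode, Stratum,
# Poll, Precision, Root Delay, Root Dispersion, Reference ID, then the
# Reference, Origin, Receive and Transmit timestamps (64-bit fixed point).
NTP_FMT = "!BBbbIIIQQQQ"
FIELDS = ("li_vn_mode", "stratum", "poll", "precision", "root_delay",
          "root_disp", "ref_id", "ref_ts", "origin_ts", "recv_ts", "xmit_ts")
NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 to 1970-01-01
# The seven fields the proposal says a client should zero.
IDENTIFYING = ("stratum", "root_delay", "root_disp", "ref_id",
               "ref_ts", "origin_ts", "recv_ts")
CLIENT, SERVER = 0x23, 0x24  # LI=0, VN=4, Mode=3 (client) / Mode=4 (server)

def to_ntp_ts(unix_seconds):
    """Unix time -> 64-bit NTP timestamp (32-bit seconds, 32-bit fraction)."""
    secs = int(unix_seconds) + NTP_EPOCH_OFFSET
    return (secs << 32) | int((unix_seconds % 1) * (1 << 32))

def parse(packet):
    return dict(zip(FIELDS, struct.unpack(NTP_FMT, packet)))

def legacy_request(last_reply, received_at, now):
    """Pre-proposal behaviour: copy the server's values into the next request."""
    s = parse(last_reply)
    return struct.pack(NTP_FMT, CLIENT, s["stratum"], 6, -20, s["root_delay"],
                       s["root_disp"], s["ref_id"], s["ref_ts"], s["xmit_ts"],
                       to_ntp_ts(received_at), to_ntp_ts(now))

def hardened_request(now):
    """Proposal behaviour: the seven identifying fields are zero; Poll and
    Precision are client-local values the article does not list."""
    return struct.pack(NTP_FMT, CLIENT, 0, 6, -20, 0, 0, 0, 0, 0, 0, to_ntp_ts(now))

def leaking_fields(packet):
    """Names of identifying fields that are non-zero in a mode-3 client request."""
    p = parse(packet)
    if p["li_vn_mode"] & 0x07 != 3:
        raise ValueError("not a client request")
    return [name for name in IDENTIFYING if p[name] != 0]

def sample_server_reply():
    """Constructed stratum-2 reply (upstream Reference ID 10.0.0.1), not a capture."""
    t = to_ntp_ts(1_500_000_000.25)
    return struct.pack(NTP_FMT, SERVER, 2, 6, -20, 0x1234, 0x5678, 0x0A000001,
                       t - (1 << 36), t - (1 << 32), t - (1 << 31), t)

if __name__ == "__main__":
    reply = sample_server_reply()
    print("legacy leaks:  ", leaking_fields(legacy_request(reply, 1_500_000_000.3, 1_500_000_064)))
    print("hardened leaks:", leaking_fields(hardened_request(1_500_000_064)))
```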
http://www.leobodnar.com/shop/...
Stratum1 FTW!
I assume you mean because GPS is run by government? Meh. As long as governments (multiple) are using the same time source I actually trust it quite a bit. Besides, atomic clocks essentially mean trusting government too... they are ALL either directly or indirectly funded by governments, even one you buy yourself for personal use.
I just use a GPS attachment. Well, GPS, GLONASS and Galileo. With a tiny bit of code to verify location checks out, math wise it'd be tricky to spoof. If my building moves by any significant amount, I'm fairly sure there's a problem of some sort that needs my attention. Spoofing the time and getting the locational data from all three providers to match would be kinda an impressive mathematical exercise. Plus, any domestic GPS spoofing will bring the anger of the FCC on someone and never underestimate interdepartment bureaucracy fury. It's kinda unlikely unless you're in a very high security environment.
Very simple to code. Cost me $50, and pretty much only because I wanted one that could handle multiple constellations. Or buy one off the shelf. More expensive, less work.
Fill the fields with plausible garbage. If the data has no legitimate usage, poison it.
Wowsers that's a lot of money. You can get PPS out of neo8m
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Anytime anybody says they are doing something "to protect you from spying" or to "increase your privacy", you would do well to watch very closely and try to read between the lines. Sometimes you're just a paranoid nutcase. Sometimes.
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
HTTPS over UDP
Slashdot, fix the reply notifications... You won't get away with it...
can't even get the time correct, we should be focusing on reliability instead of security.
That's a normal behavior. Windows has always been a few years behind.
Nice, but pretty pricey. Not quite in the league of a Symmetricom privewise, but getting close. I'm running more or less the same thing but without the OLED display at 1/10th the price. Unfortunately the guy who made them on Tindie seems to have gone away, so I can't provide a link.
Check your protocols.
Actually, establishing (and tearing down) an encrypted TCP channel is far less simple than UDP based ntp.
The open port isn't a requirement, but it is how ntp does the important (and complicated) part - establishing what the real time actually is, without blind faith in just one other server.
OTP (Office Time Protocol) predates even that one by decades, and is probably more accurate than Microsoft's NTP:
Hey Jim, what time is it?
About five-ish
Beer o'clock?
Yeah, about that.
Never failed so far.
Ignoring for the moment what a bad idea that would be, how do you plan on doing HTTP without a port open?
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
The hope that ignorant people will stop thinking Microsoft is competent? Double points for not thinking they must be competent because they are "big".
It's not just that, in a domain you've actually got CTP, Clusterfuck Time Protocol. Let's see, we'll all sync to that backup domain controller over there, which is sync'd to another BDC, one of which syncs to the PDC, which in turn syncs to a different BDC. Having that lot settling on a time is like watching a bunch of rednecks debate how gravity waves work, they eventually converge on some sort of solution but it sure ain't the solution that anyone else is on.
Linux doesn't need "real time extensions". Linux has had soft realtime support in the mainline kernel for a frigging decade. Furthermore, clock drift is "a thing" everywhere. If it were not then there would be no need for NTP.
You don't seem to understand that IOS is Linux based.
It's amusing that you think being real-time has anything to do with keeping time.
IP over Avian Carriers
The government could turn off the NIST atomic clock, but couldn't turn off the ones in universities or the like. GPS is explicitly run by the US government, and has been tweaked to reduce its efficiency.
Learn to love Alaska
My stratum 1 server also receives timing from the Russian GLONASS constellation. American GPS is not the only game in town, and hasn't been for many years.
Kid-proof tablet..