Date: Fri, 11 Mar 2005 04:42:41 +0100 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Re: Clock slew vulnerability in FreeBSD? Message-ID: <579063597.20050311044241@wanadoo.fr> In-Reply-To: <4231076F.2060903@orcon.net.nz> References: <751280160.20050311034539@wanadoo.fr> <4231076F.2060903@orcon.net.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
Bnonn writes: > Is this technically a vulnerability, or is it just a side-effect of how > computers operate? It's a vulnerability in the sense that it can leak confidential information about a system's identity. It's not a side-effect of how computers operate, but rather a side-effect of how most TCP stacks are implemented. > I was of the impression that this is quite an unavoidable issue, given > how it seems to apply to any computer regardless of OS, but I haven't > researched the issue much myself. Interesting question. It seems to be unavoidable only in the sense that most operating systems are not designed to protect against it (yet). I think the claims of the researchers are overly optimistic, but time will tell. In any case, in the interest of security, it would be nice to see it addressed. I read that FreeBSD can be configured to avoid the problem completely by disabling the timestamps upon which the technique depends, but I don't remember the details. And if one still wants to use timestamps, it would be good if they could be used without leaking any information. -- Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?579063597.20050311044241>