[email protected] said: > But I use a set of five different servers all controlled by different > organizations and they are geographically distributed. Also some of these > are randomly elected "pool" servers. So even I don't know who I will ask > for time. How could anyone corrupt all those servers?
They don't have to corrupt the servers if they can capture some modem/router/whatever box that all of your packets go through. Classic man-in-the-middle. > And if this ever did become a problem users would simply start using > cryptographic authentication It's a problem now. Currently, there is no convenient way to do the crypto. That's why Roughtime appeared. When the software is available, somebody will need to set up a collection of well run NTP servers. It's roughly similar to the top level DNS servers. [email protected] said: > All that said, there is money to be made by spoofing time. If I can fool > a stock broker into accepting trades minutes late I could be rich. I think most stock brokers have their own GPS/NTP servers. -- These are my opinions. I hate spam. _______________________________________________ time-nuts mailing list -- [email protected] To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
