[time-nuts] Roughtime

Hal Murray hmurray at megapathdsl.net
Wed Oct 5 01:59:00 EDT 2016

albertson.chris at gmail.com said:
> But I use a set of five different servers all controlled by different
> organizations and they are geographically distributed.   Also some of these
> are randomly elected "pool" servers.  So even I don't know who I will ask
> for time.   How could anyone corrupt all those servers? 

They don't have to corrupt the servers if they can capture some 
modem/router/whatever box that all of your packets go through.  Classic 

> And if this ever did become a problem users would simply start using
> cryptographic authentication 

It's a problem now.  Currently, there is no convenient way to do the crypto.  
That's why Roughtime appeared.

When the software is available, somebody will need to set up a collection of 
well run NTP servers.  It's roughly similar to the top level DNS servers.

albertson.chris at gmail.com said:
> All that said, there is money to be made  by spoofing time.   If I can fool
> a stock broker into accepting trades minutes late I could be rich. 

I think most stock brokers have their own GPS/NTP servers.

These are my opinions.  I hate spam.

More information about the time-nuts mailing list