Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

AFAIK a NTP client doesn't accept a value which highly differentiates from the current time. At least, not without user interaction. Does that render this attack less likely?


Rosenpass author here.

It does yes. But it is a mitigation, not a real fix.

An attacker could still just speed up time. Although not being able to produce a KillPacket for the year three thousand is a good thing :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: