From owner-freebsd-questions@FreeBSD.ORG Fri Mar 11 03:42:43 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 52A1C16A4CE for ; Fri, 11 Mar 2005 03:42:43 +0000 (GMT) Received: from smtp11.wanadoo.fr (smtp11.wanadoo.fr [193.252.22.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECF8A43D1F for ; Fri, 11 Mar 2005 03:42:42 +0000 (GMT) (envelope-from atkielski.anthony@wanadoo.fr) Received: from me-wanadoo.net (localhost [127.0.0.1]) by mwinf1109.wanadoo.fr (SMTP Server) with ESMTP id AC5C21C00090 for ; Fri, 11 Mar 2005 04:42:41 +0100 (CET) Received: from pix.atkielski.com (ASt-Lambert-111-2-1-3.w81-50.abo.wanadoo.fr [81.50.80.3]) by mwinf1109.wanadoo.fr (SMTP Server) with ESMTP id 8D0761C00089 for ; Fri, 11 Mar 2005 04:42:41 +0100 (CET) X-ME-UUID: 20050311034241577.8D0761C00089@mwinf1109.wanadoo.fr Date: Fri, 11 Mar 2005 04:42:41 +0100 From: Anthony Atkielski X-Priority: 3 (Normal) Message-ID: <579063597.20050311044241@wanadoo.fr> To: freebsd-questions@freebsd.org In-Reply-To: <4231076F.2060903@orcon.net.nz> References: <751280160.20050311034539@wanadoo.fr> <4231076F.2060903@orcon.net.nz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re: Clock slew vulnerability in FreeBSD? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2005 03:42:43 -0000 Bnonn writes: > Is this technically a vulnerability, or is it just a side-effect of how > computers operate? It's a vulnerability in the sense that it can leak confidential information about a system's identity. It's not a side-effect of how computers operate, but rather a side-effect of how most TCP stacks are implemented. > I was of the impression that this is quite an unavoidable issue, given > how it seems to apply to any computer regardless of OS, but I haven't > researched the issue much myself. Interesting question. It seems to be unavoidable only in the sense that most operating systems are not designed to protect against it (yet). I think the claims of the researchers are overly optimistic, but time will tell. In any case, in the interest of security, it would be nice to see it addressed. I read that FreeBSD can be configured to avoid the problem completely by disabling the timestamps upon which the technique depends, but I don't remember the details. And if one still wants to use timestamps, it would be good if they could be used without leaking any information. -- Anthony