You're misunderstanding the attack vector. The exploit is about precisely contro... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		dvanduzer on Dec 20, 2014 \| parent \| context \| favorite \| on: Multiple vulnerabilities released in NTP You're misunderstanding the attack vector. The exploit is about precisely controlling the delta between a client and server. There is no problem with using low-resolution time signatures as a cryptographic seed. Using time as an entropy source is only a problem if you sample at a lower resolution than your clock's error rate.

cbsmith on Dec 21, 2014 [–]

Maybe I wasn't clear, but I was thinking one would manipulate the delta specifically to cause the machine to adjust its clock.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact