[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <16680.55307.623939.495494@typhoon.xnet.com>
From: eli at typhoon.xnet.com (Robert Brown)
Subject: Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure
gadgeteer@...gantinnovations.org writes:
> On Fri, Aug 20, 2004 at 10:26:08AM +0400, 3APA3A (3APA3A@...URITY.NNOV.RU) wrote:
> [...]
> > you state:
> >
> > If there is a host with reliable time on the network (that is host
> > synchronized with some hardware source, like radio clocks, cesium
> > clocks, GPS clocks, etc) - whole network will be finally, after some
> > time, synchronized with this host.
> >
> > Depending upon the criticality of the time sensitive applications on
> > the network, you might want to reconsider the use of "radio clocks"
> > and especially "GPS clocks". These time sources are also subject to
> > attacks. Any free air broadcast is subject to jamming. This is
> > essentially a DoS. Spoofing to provide incorrect time signal is also
> > possible with free air broadcast, but less easy to do.
> [...]
>
> For a fixed installation detecting if someone is dinking the gps signal
> is trivial. The unit starts thinking it is not in Kansas anymore.
> --
> Chief Gadgeteer
> Elegant Innovations
>
That's fine as long as your time receiver actually interprets
locations also. I have seen GPS time signal receivers that only
extract the time, not the locaation. These receivers do not know or
care where they are; they just want to know what time it is.
Also, what about a GPS time receiver on a moving vehicle, such as a
ship at sea? They would not necessarily know that the location
information was wrong, unles they also had other means of determining
location. Besides, it might only be *SLIGHTLY* wrong, but wrong
enough to cause the time signal to be off enough to cause the
application to produce erroneous results. It all depends on the
application.
--
-------- "And there came a writing to him from Elijah" [2Ch 21:12] --------
R. J. Brown III rj@...labs.com http://www.elilabs.com/~rj voice 859 567-7311
Elijah Laboratories Inc. P. O. Box 166, Warsaw KY 41095 fax 859 567-7311
----- M o d e l i n g t h e M e t h o d s o f t h e M i n d ------
Powered by blists - more mailing lists