lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: Valdis.Kletnieks at (
Subject: Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure 

On Sun, 22 Aug 2004 12:33:50 CDT, Robert Brown said:

> Also, what about a GPS time receiver on a moving vehicle, such as a
> ship at sea?  They would not necessarily know that the location
> information was wrong, unles they also had other means of determining
> location.  Besides, it might only be *SLIGHTLY* wrong, but wrong
> enough to cause the time signal to be off enough to cause the
> application to produce erroneous results.  It all depends on the
> application. 

An aquaintance of mine had a very early GPS unit (back in the days when not all
the satellites were up there yet, and the intentional fuzzing for civilian
units was in place).  He was driving through San Francisco, and the unit was
offering direction to his destination.  The box was experiencing occasional
temporary delusions of what street he's on, and gives him directions from a
side street next to US101 back onto US101 proper (which in fact he was already
on).  Then he heads across the bridge to Oakland, and on the way it has another

And decides it's on Alcatraz Island, and promptly crashes because it can't find
a way to get from here to there....

Moral - sometimes "slightly wrong" is quite enough to cause a total failure...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url :

Powered by blists - more mailing lists