Clock slew vulnerability in FreeBSD?

[Anthony Atkielski]

Kris Kennaway writes:

> Isn't this a non-problem if you use ntpd?

Unfortunately, no, because the TCP stacks on most systems don't use the
disciplined clock provided by NTP for the timestamps.  Instead they use
a clock based directly on the RTC, which reveals a characteristic skew
that is unique to each machine.

If the stacks used the NTP-disciplined actual time of day, plus perhaps
a randomizing factor to avoid revealing patterns, this technique would
become useless.

-- 
Anthony