Hacker News new | past | comments | ask | show | jobs | submit login

They could potentially spoof the machine's NTP server.



You mean, all of the NTP servers the machine uses. NTP will detect and reject a single server reporting bad time (assuming you have at least 3 servers configured, which is the recommendation).

You'd also have to do this when the NTP daemon first starts up, as:

       -g      Normally, ntpd exits with a message to the system  log  if  the  offset  exceeds  the  panic
               threshold,  which  is  1000 s by default. This option allows the time to be set to any value
               without restriction; however, this can happen only once. If the threshold is exceeded  after
               that,  ntpd  will exit with a message to the system log. This option can be used with the -q
               and -x options. See the tinker command for other options.


The NTP config on the machine would have to allow automatic changes without regard to the skew. I don't believe that is a default (or typically desired) configuration.


You're building up a great big chain of complicated requirements. You're quickly approaching the point where it's easier to steal the machine.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: