timedatectl Should Not be Enabled by Default: Privacy/Anonymity risks
bancfc
bancfc at openmailbox.org
Sun Jul 26 19:19:59 BST 2015
It's not a good idea to enable timedatectl (or any NTP daemon) by default
in Debian Stretch+ because it has negative consequences for privacy and
anonymity. The NTP protocol is not secure and can be trivially
manipulated by network observers to mount clock skew attacks. NTPS is no
better because of the broken SSL CA model. Leaking clock information
about a machine can open the way for remote device fingerprinting even
if they are anonymous.
The research comes from WhonixOS, a privacy-centric distro like TAILS.
More information about the Pkg-systemd-maintainers mailing list
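Added example (not part of the post above, and not code from systemd, Whonix or any NTP implementation): it shows concretely why an unauthenticated NTP reply can steer a client's clock, and how far purely client-side sanity checks get you. The packet layout follows RFC 5905; the timestamps, the server and attacker scenarios, the panic threshold of 1000 s and the 2 s delay bound are all constructed assumptions chosen for illustration.

```python
"""Unauthenticated NTPv4: forging a server reply and checking it client-side.
Added example; thresholds and sample times are assumptions, not NTP defaults."""
import struct

NTP_FORMAT = "!BBBbIIIQQQQ"    # 48-byte NTPv4 header, network byte order
NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 to 1970-01-01
PANIC_THRESHOLD = 1000.0       # assumed: refuse a single step larger than this
MAX_DELAY = 2.0                # assumed: a round trip above this is suspect


def to_ntp(unix_seconds):
    """Unix float seconds -> 64-bit NTP timestamp (32.32 fixed point)."""
    whole = int(unix_seconds)
    frac = int((unix_seconds - whole) * (1 << 32))   # always < 2**32
    return ((whole + NTP_EPOCH_OFFSET) << 32) | frac


def from_ntp(ts):
    """64-bit NTP timestamp -> Unix float seconds."""
    return (ts >> 32) - NTP_EPOCH_OFFSET + (ts & 0xFFFFFFFF) / (1 << 32)


def build_reply(origin_ts, server_now, stratum=2, leap=0):
    """Build a mode-4 (server) reply. Nothing in it is signed: any host that
    saw the client's request, and so its origin timestamp, can produce one."""
    li_vn_mode = (leap << 6) | (4 << 3) | 4          # LI, version 4, mode 4
    ref_id = int.from_bytes(b"GPS\x00", "big")       # reference clock label
    now = to_ntp(server_now)
    # poll=6, precision=-20, root delay/dispersion=0, then ref/origin/recv/xmit
    return struct.pack(NTP_FORMAT, li_vn_mode, stratum, 6, -20,
                       0, 0, ref_id, now, origin_ts, now, now)


def evaluate_reply(data, t1, t4):
    """Client side: parse a reply and decide whether to apply it.
    t1 = client send time, t4 = client receive time (client clock, Unix s)."""
    if len(data) < 48:
        return {"accepted": False, "reason": "short packet"}
    (li_vn_mode, stratum, _poll, _prec, _rdelay, _rdisp, _refid,
     _ref, origin, recv, xmit) = struct.unpack(NTP_FORMAT, data[:48])
    leap, mode = li_vn_mode >> 6, li_vn_mode & 7
    t2, t3 = from_ntp(recv), from_ntp(xmit)
    offset = ((t2 - t1) + (t3 - t4)) / 2    # RFC 5905 clock offset
    delay = (t4 - t1) - (t3 - t2)           # RFC 5905 round-trip delay
    result = {"offset": offset, "delay": delay, "accepted": False}
    if mode != 4:
        result["reason"] = "not a server reply"
    elif leap == 3 or not 1 <= stratum <= 15:
        result["reason"] = "server unsynchronized or kiss-of-death"
    elif origin != to_ntp(t1):
        result["reason"] = "origin timestamp mismatch (off-path spoof)"
    elif delay < 0 or delay > MAX_DELAY:
        result["reason"] = "implausible round-trip delay"
    elif abs(offset) > PANIC_THRESHOLD:
        result["reason"] = "offset exceeds panic threshold"
    else:
        result["accepted"] = True
        result["reason"] = "ok"
    return result


# Constructed client-side times: request sent at T1, reply seen 40 ms later.
T1 = 1437934799.0
T4 = T1 + 0.040
ORIGIN = to_ntp(T1)


def scenario_honest():
    # Honest server whose clock runs 0.1 s ahead, replying 20 ms after T1.
    return evaluate_reply(build_reply(ORIGIN, T1 + 0.12), T1, T4)


def scenario_off_path_spoof():
    # Attacker who never saw the request has to guess the origin timestamp.
    forged = build_reply(to_ntp(T1 - 1.0), T1 + 86400 * 2)
    return evaluate_reply(forged, T1, T4)


def scenario_on_path_big_step():
    # On-path attacker copies the real origin and tries to jump the clock 2 days.
    forged = build_reply(ORIGIN, T1 + 86400 * 2)
    return evaluate_reply(forged, T1, T4)


def scenario_on_path_small_step():
    # Same attacker, a 5 minute shift: passes every check and is applied.
    forged = build_reply(ORIGIN, T1 + 300.0)
    return evaluate_reply(forged, T1, T4)


if __name__ == "__main__":
    for name in ("honest", "off_path_spoof", "on_path_big_step", "on_path_small_step"):
        print(name, globals()["scenario_" + name]())
```

The origin-timestamp check only stops an off-path guesser; anyone positioned to observe the request (the "network observers" the post refers to) copies it and the reply is indistinguishable from the real server's. The panic threshold bounds the size of one step, not the attack: the 5 minute shift in the last scenario is accepted, and an attacker can repeat such steps across polls. Without a cryptographic binding to the server none of these checks provide authentication.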