intrigeri wrote (05 Jan 2014 12:09:06 GMT) :
> intrigeri wrote (23 Dec 2013 09:15:53 GMT) :
>> Care to file a ticket, drop a tcp_timestamps.conf into
>> config/chroot_local-includes/etc/sysctl.d/, and test the
>> resulting ISO?
> Anyone?
jvoisin started doing it --> now known as #6580.
>> I'll come back to you and Jacob for the design doc phrasing, as I'm
>> still not convinced we can put statements as bold as "tracking the
>> clock down to the millisecond" in there, without thinking a bit about
>> how an attacker is affected by the network lag between the time a TCP
>> timestamp was created, and the time when they get to see the packet.
>> I mean, I'm weak at stats and all and you probably know better, but
>> learning that "some unknown time ago, the system clock was T with
>> a millisecond precision" does not really give me the current system
>> clock with a millisecond precision, does it?
> This still needs some input.
Now known as #6581.
Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
