[tor-talk] [Tails-dev] secure and simple network time (hack)
Elly Jones
elly at leptoquark.net
Fri Apr 12 14:25:54 UTC 2013
On Fri, Apr 12, 2013 at 02:43:13PM +0300, Maxim Kammerer wrote:
> On Fri, Jul 20, 2012 at 3:07 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> > Allow me to be very explicit: it is harder to parse an HTTP Date header
> > than properly than casting a 32bit integer and flipping their order. The
> > attack surface is very small and easy to audit.
>
> Just discovered that tlsdated in tlsdate-0.0.6 is dying with a
> segmentation fault after a while. Not surprised after seeing the code
> ? my experimentation with this gimmick is finally over. Turns out that
> ?throw something together and wait for patches? is not a sound
> development approach.
Did you get a stack trace?
Also, yes, tlsdated is not very well-written. I wrote it in a great hurry and
now don't really have time to undo the worst of the hacks :(. Patches gratefully
accepted.
-- elly
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20130412/b41b3a78/attachment.pgp>
More information about the tor-talk
mailing list