[tor-talk] [Tails-dev] secure and simple network time (hack)
Maxim Kammerer
mk at dee.su
Fri Apr 12 11:43:13 UTC 2013
On Fri, Jul 20, 2012 at 3:07 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
> Allow me to be very explicit: it is harder to parse an HTTP Date header
> than properly than casting a 32bit integer and flipping their order. The
> attack surface is very small and easy to audit.
Just discovered that tlsdated in tlsdate-0.0.6 is dying with a
segmentation fault after a while. Not surprised after seeing the code
— my experimentation with this gimmick is finally over. Turns out that
“throw something together and wait for patches” is not a sound
development approach.
--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
More information about the tor-talk
mailing list