nanog mailing list archives

Re: NTP Sync Issue Across Tata (Europe)


From: Mel Beckman <mel () beckman org>
Date: Mon, 7 Aug 2023 02:36:27 +0000

GPS Selective Availability did not disrupt the timing chain of GPS, only the ephemeris (position information).  But a 
government-disrupted timebase scenario has never occurred, while hackers are a documented threat.

DNS has DNSSEC, which, while not deployed as broadly as we might like, at least lets us know which servers we can trust.

Your own atomic clocks still have to be synced to a common standard to be useful. To what are they sync’d? GPS, I’ll 
wager.

I sense hand-waving :)

-mel via cell

On Aug 6, 2023, at 7:04 PM, Rubens Kuhl <rubensk () gmail com> wrote:

On Sun, Aug 6, 2023 at 8:20 PM Mel Beckman <mel () beckman org> wrote:
Or one can read recent research papers that thoroughly document the incredible fragility of the existing NTP hierarchy 
and soberly consider their recommendations for remediation:

The paper suggests the compromise of critical infrastructure. So, besides not using NTP, why not stop using DNS? Just 
populate a hosts file with all you need.

BTW, the stratum-0 source you suggested is known to have been manipulated in the past 
(https://www.gps.gov/systems/gps/modernization/sa/), so you need to bet on that specific state actor not returning to 
old habits.

OTOH, 4 of the 5 servers I suggested have their own atomic clock, and you can keep using GPS as well. If GPS goes 
bananas on timing, that source will just be disregarded (one of the features of the NTP architecture that has been 
pointed out over and over in this thread and you keep ignoring it).

Rubens
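
The source rejection described in the quoted message above, sketched as a simplified Marzullo-style interval intersection, the kind of majority vote NTP's selection step is derived from. This is an added example, not part of the original messages and not ntpd's code; the source names, offsets and error bounds are constructed.

```python
from typing import NamedTuple

class Source(NamedTuple):
    name: str        # hypothetical label for the time source
    offset: float    # measured offset from the local clock, seconds
    distance: float  # error bound on that measurement, seconds

def bounds(s):
    # The source asserts that true time lies within this interval.
    return s.offset - s.distance, s.offset + s.distance

def select_sources(sources):
    """Split sources into (truechimers, falsetickers) by majority agreement."""
    edges = []
    for s in sources:
        lo, hi = bounds(s)
        edges += [(lo, 0), (hi, 1)]  # 0 = interval opens, 1 = interval closes
    edges.sort()  # opens sort before closes at equal values

    best = depth = 0
    low = high = 0.0
    for i, (value, kind) in enumerate(edges):
        if kind == 1:
            depth -= 1
            continue
        depth += 1
        if depth > best:  # deepest overlap seen so far starts here
            best, low, high = depth, value, edges[i + 1][0]

    if 2 * best <= len(sources):  # no strict majority agrees on any interval
        return [], [s.name for s in sources]
    good = [s.name for s in sources
            if bounds(s)[0] <= low and bounds(s)[1] >= high]
    bad = [s.name for s in sources if s.name not in good]
    return good, bad

# Constructed sample: four independent clocks that agree, one GPS feed 1.5 s off.
SAMPLE = [
    Source("atomic-a", 0.0012, 0.010),
    Source("atomic-b", -0.0008, 0.012),
    Source("atomic-c", 0.0021, 0.008),
    Source("atomic-d", 0.0003, 0.015),
    Source("gps-local", 1.5000, 0.002),
]

if __name__ == "__main__":
    print(select_sources(SAMPLE))
```

With only two sources that disagree there is no majority, and the function reports no truechimers at all; the vote only helps when enough independent sources are configured.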
