SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    New Attacks on Network Time Protocol can Defeat HTTPS and Create Chaos
Date    Thursday October 22 2015, @10:44PM
Author    martyb
Topic   
from the does-anyone-really-know-what-time-it-is? dept.
https://soylentnews.org/article.pl?sid=15/10/22/0956225

darkfeline writes:

http://arstechnica.com/security/2015/10/new-attacks-on-network-time-protocol-can-defeat-https-and-create-chaos/

Ars Technica reports on a vulnerability where unencrypted Network Time Protocol (NTP) traffic can be exploited by man-in-the-middle attacks to arbitrarily set the times of computers to cause general chaos and/or carry out other attacks, such as exploiting expired HTTPS certificates.

While NTP clients have features to prevent drastic time changes, such as setting the date to ten years in the past, the paper on the attacks presents various methods for bypassing these protections.

There is a pdf of the report available.

Original Submission

Links
  1. "darkfeline" - https://soylentnews.org/~darkfeline/
  2. "pdf of the report" - http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf
  3. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=10211
© Copyright 2026 - SoylentNews, All Rights Reserved

printed from SoylentNews, New Attacks on Network Time Protocol can Defeat HTTPS and Create Chaos on 2026-03-07 02:58:20