Agent d’ingérence étrangère : Alle die mit uns auf Kaperfahrt fahren, müssen Männer mit Bärten sein. Jan und Hein und Klaas und Pit, die haben Bärte, die haben Bärte. Jan und Hein und Klaas und Pit, die haben Bärte, die fahren mit.

  • NTP Pool - The Internet Timekeeper

    Dans quelques pays le service de synchronisation de l’heure par le protocole NTP est fourni par un monopole privé (cloudflare en l’occurence). Ailleurs ce service est l’un des quelques services de base d’intenet qui fonctionnent encore comme structure solidaire internationale.

    Cette situation constitue un risque pour la stabilité du net. Les adaptations nécessaires respectives n’ont pas encore été réalisées.


    Number of NTP servers for all users in a country

    The NTP Pool is a network of volunteer-run servers providing time synchronisation services to millions of computers over the Internet using the Network Time Protocol (NTP). But how does it map clients to NTP servers? And why are some clients more equal than others? The team at SIDN Labs investigates.
    But the real issue is that users from 27 countries - totalling 767m inhabitants and 465m Internet users - are served by a single Autonomous System as time provider when using the NTP Pool, even if the NTP Pool lists more than 4,700 servers. These are the countries in red in the figure below and expanded in the table.

    Number of ASes (time providers) serving each country

    ... countries served by a single time provider: Cloudflare and other ASes (bold)

    Masters of Time : An Overview of the NTP Ecosystem

    2018, Publisher: IEEE - Abstract:The Network Time Protocol (NTP) is currently the most commonly used approach to keeping the clocks of computing devices accurate. It operates in the background of many systems; however, it is often important because if NTP fails in providing the correct time, multiple applications such as security protocols like TLS can fail. Despite its crucial practical role, only a limited number of measurement studies have focused on the NTP ecosystem. In this paper, we report the results of an in-depth longitudinal study of the services provided by the NTP Pool Project, which enables volunteers to offer their NTP services to other Internet users in a straightforward manner. We supplement these observations with an analysis of other readily available NTP servers, such as those offered by OS vendors or those that can be freely found on the Internet. The analysis indicates a reliance on a small set of servers that are (at least indirectly) responsible for providing the time for the Internet. Furthermore, this paper considers the impact of several incidents that the authors observed between December 2016 and April 2017. To complement this study, we also perform an analysis of multiple geographical regions from the operator’s perspective, spanning a period of 5 months. A coarse-grained categorization of client requests allows us to categorize 95 percent of our incoming traffic as NTP- and SNTP-like traffic (the latter being a simpler, but more error-prone, form of NTP); we observe that up to 75 percent of all requests originated from SNTPlike clients. With this in mind, we consider what kind of harm a rogue server administrator could cause to users.

    #internet #ntp #sécurité #monopoles #privatisation