From: Weilong Chen
Date: Mon, 13 May 2019 20:06:37 +0800
> So, the 'time' may become sensitive information. The OS should not
> leak it out.
The current time of day is a globally synchronized value everyone on
the planet has access to.
I don't buy this line of reasoning at all, time is not sens
From: Michal Kubecek
Date: Mon, 13 May 2019 14:11:45 +0200
> I'm sorry but I cannot agree with that. Seeding PRNG with current time
> is known to be a bad practice and if some application does it, the
> solution is to fix the application, not obfuscating system time.
+1 +1 +1
On Mon, May 13, 2019 at 08:26:18PM +0800, Weilong Chen wrote:
> On 2019/5/13 20:11, Michal Kubecek wrote:
> > On Mon, May 13, 2019 at 08:06:37PM +0800, Weilong Chen wrote:
> > > On 2019/5/13 19:49, Michal Kubecek wrote:
> > > > One idea is that there may be applications using current time as a seed
On 2019/5/13 20:11, Michal Kubecek wrote:
On Mon, May 13, 2019 at 08:06:37PM +0800, Weilong Chen wrote:
On 2019/5/13 19:49, Michal Kubecek wrote:
One idea is that there may be applications using current time as a seed
for random number generator - but then such application is the real
problem,
Weilong Chen wrote:
> On 2019/5/13 15:49, Michal Kubecek wrote:
> > On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote:
> > > The remote host answers to an ICMP timestamp request.
> > > This allows an attacker to know the time and date on your host.
> >
> > Why is that a problem? If it
On Mon, May 13, 2019 at 08:06:37PM +0800, Weilong Chen wrote:
> On 2019/5/13 19:49, Michal Kubecek wrote:
> > One idea is that there may be applications using current time as a seed
> > for random number generator - but then such application is the real
> > problem, not having correct time.
> >
>
On 2019/5/13 19:49, Michal Kubecek wrote:
On Mon, May 13, 2019 at 07:38:37PM +0800, Weilong Chen wrote:
On 2019/5/13 15:49, Michal Kubecek wrote:
On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote:
The remote host answers to an ICMP timestamp request.
This allows an attacker to know
On Mon, May 13, 2019 at 07:38:37PM +0800, Weilong Chen wrote:
>
> On 2019/5/13 15:49, Michal Kubecek wrote:
> > On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote:
> > > The remote host answers to an ICMP timestamp request.
> > > This allows an attacker to know the time and date on your
On 2019/5/13 15:49, Michal Kubecek wrote:
On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote:
The remote host answers to an ICMP timestamp request.
This allows an attacker to know the time and date on your host.
Why is that a problem? If it is, does it also mean that it is a securi
On Mon, May 13, 2019 at 09:33:13AM +0800, Weilong Chen wrote:
> The remote host answers to an ICMP timestamp request.
> This allows an attacker to know the time and date on your host.
Why is that a problem? If it is, does it also mean that it is a security
problem to have your time in sync (becaus
The remote host answers to an ICMP timestamp request.
This allows an attacker to know the time and date on your host.
This path is an another way contrast to iptables rules:
iptables -A input -p icmp --icmp-type timestamp-request -j DROP
iptables -A output -p icmp --icmp-type timestamp-reply -j DR
11 matches
Mail list logo
