Spoofing time and space with DTrace

Now that more people are convinced that they can't trust the hostids anymore, I now feel compelled to add that you can't trust time or space either. It is just as easy to spoof time on a per-pid basis as the hostid. Some counter that they could stat a file and see what time it is based on the latest mtime, but that too is fairly trivial to spoof. Still others insist that they could do an NTP lookup to a well known time server -- also spoofable. None of these methods can successfully be used to guarantee anything. Software vendors must trust their customers.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

relling

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today