[Full-Disclosure] Microsoft updates documentation on Windows time synchronization
Date: Tue Aug 24 2004 - 05:45:13 EDT
Dear lists,
Sorry for additional noise.
Microsoft published Q884776 "Configuring the Windows Time service
against a large time offset"
http://support.microsoft.com/default.aspx?scid=kb;en-us;884776
In addition to clear description on new registry keys in Windows 2000
SP4 and Windows 2003 Microsoft added recommendation to use hardware
time source. Design flaw is currently fixed by documentation. I hope
finally MS will implement signing at least for it's own
time.windows.com.
P.S. just to make things clear: Microsoft is one of very few vendors
who really cares about time synchronisation infrastructure security
during operation system design. Even flawed this infrastructure is
much better than any unimplemented or undocumented infrastructure.
-- http://www.security.nnov.ru /\_/\ { , . } |\ +--oQQo->{ ^ }<-----+ \ | ZARAZA U 3APA3A } You know my name - look up my number (The Beatles) +-------------o66o--+ / |/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Tue Aug 24 06:06:26 2004
This archive was generated by hypermail 2.1.8 : Tue Aug 24 2004 - 07:06:09 EDT
