Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Thomas Reagan (treaganinteractiveedge.com)
Date: Mon Aug 20 2001 - 10:29:07 CDT
Well, since Windows >2000 uses Kerberos, maintaining a time synchronization
is essential. If clients/servers are more than 5 minutes apart, Kerberos
will not function. I know that by default Win2k clients grab their time
from DC's, but I don't know what the escalation procedures are for XP. This
is a good thing in a business, and the security risk is minor for home
True, MS could be profiliing people based on NTP connections, but this is
probable better than releasing millions of copies of software that all point
at US Gov. servers. The load on that machine must be fairly serious
already; all those XP clients might break it.
From: Dino [mailto:slayer67apk.net]
Sent: Monday, August 20, 2001 6:37 AM
Subject: Windows XP RC2
Well I am not sure if you would consider this a bug, incident, monitoring or
a feature, but in Windows XP RC2 that we loaded this weekend
I noticed that M$ has Network Time Client built to keep correct time.
This is good so that we do not have to grab a 3rd party app and install it,
but what is disturbing is take a guess as to what the "default" Time Server
that gets used???
Well for every install M$ can monitor/track who is running XP that has a Net
Yes you can simply pick another like my favorite
"time-a.timefreq.bldrdoc.gov" and all is well, but that average user wont
know this and may not even care, but they should ;)
If your real paranoid one can think well if the NTP is using
time.windows.com what is stopping M$ from having some hidden app that can be
communicated to once they grab the IP that queries their time server?!
Thanks for listening