Eric S. Raymond on 15 Oct 2017 21:20:00 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Hey PLUG organizers...want a tech talk on NTPsec?

Will <>:
> Plug Central will probably get the largest audience. We will discuss it at
> a future event and on IRC. Do you have any time line when you like to give
> the talk in terms of how immidiately you would like to do so?

Since we just shipped the first production release, sometime in the next
couple of weeks would be timely. But I have no specific date in mind.

Highlights for the talk:

* Better security through attack-surface reduction - or, yes, we removed
  76% of the existing NTP code and here's why.

* Software engineering as combat archeology - or,  yes, we removed
  76% of the existing NTP code and here's *how*.

* The standards people won - sticking hard to a C99/POSIX baseline and
  how remarkably little trouble that caused us - or, big-iron fossils
  considered superfluous.

* Better living through rigorous static code checking.

* A candidate for silliest bug ever - or, how to improve time-stepping
  accuracy x10 by noticing there are too many structure copies.

* Pythonize everything you can - and if it only has to run at human speed
  rather than machine-to-machine, you can.

* The real (and really stupid) reason legacy NTP versions couldn't run
  standalone with local clocks and no remote check servers.  And how
  we fixed that.

* After you've chiseled away a ton of autoconf crap, what next?

* Brooksian surgical teams still rock pretty hard.
		<a href="";>Eric S. Raymond</a>

My work is funded by the Internet Civil Engineering Institute:
Please visit their site and donate: the civilization you save might be your own.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --