Michiel

Blog posts and open-source work

About

Michiel

Software engineer
michiel@tweedegolf.com

Michiel has a degree in Cyber Security, but his experience ranges from web development to programming verification (which is how he was introduced to Rust, btw.)

At Tweede golf, Michiel has recently been working on Pendulum (adding GPS support to ntpd-rs and investigating the vulnerability of NTP) and our Rust Interop Guide.

In his spare time, he likes to play music (drums, synthesizer) or do some web development.

Blog posts

Show all posts by Michiel

November 25, 2024

Manipulating time through (S)NTP

The NTP protocol is used by many devices to synchronize their system clocks. However, many devices use SNTP clients (Simple NTP) which are even more vulnerable to interference. As most (S)NTP packets are unauthenticated, they are vulnerable to spoofing, making it possible to change a device's time by manipulating (S)NTP packets.

In this blog, we discuss how (S)NTP packets can be forged to manipulate a device's system clock. Especially on the default SNTP client for many Linux systems, this turned out to be very easy. We will also dicuss the consequences of such attacks, as well as how these attacks can be prevented.

security timing pendulum

Read article