CAS Team Finds Flaw in Computers’ Timekeeping

  • By: Faith Greenwald

14-7546-SLOANGOLD-062

From BU Today: Sharon Goldberg frets about internet security so the rest of us don’t have to. In a paper released yesterday, Goldberg and her team reported the kind of security problem worth worrying about, one that could be used by a bad guy to cripple the clock function of tens of millions of computers on the internet using a single attacking machine. 

Happily, says Goldberg, a College of Arts & Sciences associate professor of computer science, fixes for the vulnerability were implemented before the paper was published.

Working with students Aanchal Malhotra (GRS’19), Isaac Cohen (CAS’16), and Erik Brakke (CAS’16) last spring, Goldberg discovered a potential vulnerability in theNetwork Time Protocol (NTP), the software and rules that synchronize clocks on computers. The team developed attacks that could alter the time on computer systems, compromising other applications, such as the encryption schemes that protect internet communications to bank websites. Other apps, from bitcoin systems to website authentication and login protocols, also could be breached.

Read more about this story here.

 

 

View all posts