Ubuntu
ntp package

ntpdate target server

Bug #1278365 reported by itzeme

This bug report was converted into a question: question #244169: ntpdate target server.

10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ntp (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

ntpdate calls a ubuntu specific ntp server on network-interface startup.

This causes some slight but unnessesary privacy issues as it identifies the client software to anyone listening on the network.

This issue can be solved easily by adding the ubuntu/canonical ntp server to a public ntp pool and (maybe) using a more common server name (ntp.canonical instead of ntp.ubuntu)

This way there is no privacy issue regaring network traffic and it is a public service by helping public ntp pools

Revision history for this message
Robie Basak (racb) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

I'm not sure what the implications would be for making this change, and so am not comfortable with it. There may be issues with depending on third party servers, and also implications for Canonical IS to join a public pool as you suggest. It seems to me that this is up for debate, and thus it is not appropriate to just unilaterally make this change. Thus, as there is currently no clear action that can be taken on this bug, I'm marking it as Incomplete.

Please obtain consensus on this proposed change, and then change the bug status to New, Invalid or Won't Fix as appropriate.

I suggest that you try and seek consensus on the ubuntu-devel and/or ubuntu-devel-discuss mailing lists.

Changed in ntp (Ubuntu):
status: New → Incomplete
Revision history for this message
Jörg Frings-Fürst (jff-de) wrote :

Hi,

first thanks for submiting your bug.

Short answers:

1. Where are you find a privacy issue? Please read the docu at
 - http://www.ietf.org/rfc/rfc5905.txt
 - http://www.ietf.org/rfc/rfc5906.txt
 - http://www.ietf.org/rfc/rfc5907.txt
 - http://www.ietf.org/rfc/rfc5908.txt

2. The use of ntp.ubuntu.com is IMHO the availability of the ntp - service. Ubuntu can not guarantee the availability of other service providers over the entire term.

3. It is easy to change the ntp server eg via dhcp

Therefore I close this bug

Thanks

Jörg

Changed in ntp (Ubuntu):
status: Incomplete → Invalid
Revision history for this message
Jonathan Davies (jpds) wrote :

We already point people at the NTP pool:

$ cat /etc/ntp.conf
...
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
server 2.ubuntu.pool.ntp.org
server 3.ubuntu.pool.ntp.org
...

Revision history for this message
itzeme (launchacc) wrote :

Quote:

> 1. Where are you find a privacy issue? Please read the docu at

The issue is based in the name and origin of the target server. Calling ntp.ubuntu cleary tells what kind of OS you are using.
This is an increasing issue today

> 2. The use of ntp.ubuntu.com is IMHO the availability of the ntp - service. Ubuntu can not guarantee the availability of other service providers over the entire term.

I did not intent to propose the use of usual public ntp servers. Ubuntu should use a canonical server, but ths server should maybe be used by other clients to to prevent identivication of the System.

> 3. It is easy to change the ntp server eg via dhcp

This does not change that most Systems will still have this issue. Therefore it should be solved by changing the defult behavior.

> We already point people at the NTP pool:
>
> $ cat /etc/ntp.conf
> ...
> server 0.ubuntu.pool.ntp.org
> server 1.ubuntu.pool.ntp.org
> server 2.ubuntu.pool.ntp.org
> server 3.ubuntu.pool.ntp.org
> ...

Yes that is correct, but it still contains a pool of ntp servers only used by Ubuntu correct?
The Issue might be rendered irrelevant if there are non Ubuntu systems using the ubuntu ntp pool as well.

Revision history for this message
itzeme (launchacc) wrote :

I aggree this issue might be appropriate to be discussed at the mailing list.

Also for this reason setting the but to incomplete

Changed in ntp (Ubuntu):
status: Invalid → Incomplete
Revision history for this message
Jörg Frings-Fürst (jff-de) wrote :

Hi,

I think this is not a bug und not a sercurity event.

But you want to discuss them. So I convert this to a question.

Jörg

Changed in ntp (Ubuntu):
status: Incomplete → Opinion
Revision history for this message
Jörg Frings-Fürst (jff-de) wrote :

The reporter want to discuss about this.

Changed in ntp (Ubuntu):
status: Opinion → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related questions

Remote bug watches

Bug watches keep track of this bug in other bug trackers.