On Apr 7, 2006, at 3:37 AM, Poul-Henning Kamp wrote:

Geez, you'd think they'd have learned from Netgears mistake a few
years ago[1].

I look after the NTP Pool[2] system and having something like that
happen to say pool.ntp.org is one of my worries.  Yikes.

While having hundreds of servers makes it more likely that it won't
impact it the system dramatically, we are already struggling to keep
up with the client growth.

The vandalism to your server is a good reminder that I need to get
the "If you are a vendor, ..." page on the NTP Pool site[3].

As I emailed you off-list, I hope my friend can help you get in touch
with someone more clueful at D-Link.

• ask

[1] http://www.cs.wisc.edu/~plonka/netgear-sntp/
[2] http://www.pool.ntp.org/
[3] I'm planning to offer service to vendors, but they have to use
$company.vendor.pool.ntp.org or something like that so it can be
turned off or pointed to their own servers or some variation of that
if/when their software turns out to be broken[1].

--
http://www.askbjoernhansen.com/

In message 829F2B39-85E9-4DDA-854B-48F9F34B8D4C@develooper.com, =?ISO-8859-1?
Q?Ask_Bj=F8rn_Hansen?= writes:

Yes, I have repeatedly pointed that out to D-Link.

D-Link would be an eminent posterboy for the need for that concept.

--
Poul-Henning Kamp      | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG        | TCP/IP since RFC 956
FreeBSD committer      | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

Hi Poul,

Submit your letter to http://slashdot.org.  It is a board that is populated
by millions of uber geeks, probably including most of D-Link's programming
staff.

Do NOT submit a link to your website, unless you want to see your server turn to
rubble.  It takes more than a T3 link just to handle the quick visits that
this group makes to links.  Their influence to servers is so extreme that it
has caused the coining of the phrase "slashdot effect".

-Chuck Harris

Poul-Henning Kamp wrote:

In message 4436658B.30801@erols.com, Chuck Harris writes:

I know slash-dot :-)

Two or three people have already told me that they submitted the
story...

The FreeBSD server in question has more bandwidth than that, last
I heard it was pretty much on a GigE that had several Gig's of
bandwidth backing it.  We've taken several slash-dottings in
the past with no trouble.

(Yes, FreeBSD is a good server OS :-)

--
Poul-Henning Kamp      | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG        | TCP/IP since RFC 956
FreeBSD committer      | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

Poul-Henning Kamp wrote:

The Inquirer has picked up the story:
http://www.theinquirer.net/?article=30855

Has it been established that D-Link actually has a programming staff?

So many businesses now consist of officers that want more money and
have some ideas on how to get it. There is no manufacturing or
programming staff, only lawyers that make sure all terms are favorable
to the company.

The only way to get such a company's attention is to have a significant
negative affect on sales. Their attention is only focused on money.
"Doing it right" is only for engineers, and look where it got them.

D-Link is mostly sold to people who can only remember three TLAs, and
NTP isn't one of them. The geeks rule slashdot, but they're a small
minority of D-Link's market.

of TV talked about the wonderful educational opportunities opening up?
Fifty years later, TV is a commercial enterprise dedicated to selling
people things they don't need, including politicians.

Now the US gummint is talking about allowing broadband sources to charge
a premium for higher speed transmission. People are crying about the two-
tier Internet, where the most money buys the best access. At least the
second tier will still be there, unlike TV (for now).

If it was me, I'd take that NTP service off the air now. I would not
throw good money after bad by buying lawyers to sue D-Link.

Mr. Kamp, it's all part of the decrease in quality of life caused by the
competition to see who can have the most money on Earth. Move on, if you
don't want to play their enormously destructive game.

Regards,
Bill Hawkins

In message 001501c65a77$663cb360$0500a8c0@darius.domain.actdsltmp, "Bill Hawkins" wr
ites:

I may indeed have to suffer, but it won't be silently while I have any voice.

--
Poul-Henning Kamp      | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG        | TCP/IP since RFC 956
FreeBSD committer      | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

PHK,

So sorry to hear about your legal adventure.

Have a close look at "NTP" from the 1930's -- at just
5 cents a day [about $0.70 in today's dollar]:

http://www.leapsecond.com/history/usno.htm

Perhaps the problem with NTP (and email, and the
web, etc.) is that the servers do all the work & pay all
the bills and the clients ride for free. One can imagine
a world where time to the second on the net is free,
but the client pays more for ever increasing levels of
delivered precision from the server.

If millisecond NTP cost microcents, and microsecond
NTP cost millicents, then quality NTP sites such as
yours would be competing to have their hostnames
show up in embedded systems. Every stray packet
would be change in your pocket and a reward for the
quality of your implementation instead of a thankless
drain on your bottom line.

Back to your situation; it is possible this abuse by
the vendor gets them in trouble with strict California
spam laws?

/tvb

----- Original Message -----
From: "Poul-Henning Kamp" phk@phk.freebsd.dk
To: time-nuts@febo.com
Sent: Friday, April 07, 2006 03:37
Subject: [time-nuts] D-Links NTP server vandalism

incompetence.