keverets boosted
Electronic Frontier Foundation  

Home for the holidays? Help your loved ones install Privacy Badger to stop online trackers from following them around the web. privacybadger.org/

0
keverets boosted
J. B. Crawford  

The issue of comparison is exactly why this is all interesting, though! If NIST completely loses the clocks at Boulder, they will need to 'restart' them later by synchronizing them to some other standard like another NIST site or the Navy. The physical distance between locations and means of comparing their time signals makes this a tricky process, and one that I don't think the Boulder clocks have ever been through before.

The gold standard used to be to literally "ship" the time reference, by flying a portable atomic clock between sites. I know that NIST has fiber lines between sites and metrology has continued to advance, my impression is that you can now get more accurate results by sending signals over precisely measured fiber. But if NIST does end up in that scenario I'm sure we'll get a paper about how exactly they end up handling it.

Show thread
0
keverets boosted
J. B. Crawford  

Long discussion on the orange website about the NIST's Boulder NTP site being down. Not a lot of people with practical experience in the topic.

NTP is designed to function as a tree model, rooted in "stratum 0" NTP servers with direct time references. Actual clients are expected to interact with lower-stratum servers that themselves synchronize to higher-stratum servers. Generally any NTP server with a GPS time reference is considered suitable for stratum 0, and the vast, vast majority of real-world NTP/PTP deployments are ultimately working off of one or more GPS references. GPS operates from the Naval Observatory clock via a few different layers of indirection, each of which has its own high-precision oscillators to allow plenty of holdover. Purpose-built stratum 0 servers, used e.g. in data centers, have their own precision reference oscillators for holdover should the GPS lock be lost. Basically any real problem in this space would probably evolve pretty slowly.

The NIST NTP servers have always suffered from high load, to the extent that they've sometimes been unresponsive in the past. Synchronizing devices directly to these NTP servers is a bad practice, discouraged by the NIST and now mostly gone from default configs. That limits the impact of an outage a lot. The authenticated service is intended to help with the load-related reliability issues but presumably its users are sophisticated enough that their stratum-1 will be fine. Most clients are interacting with lower-stratum NTP servers operated by, for example, ntppool.org. These track multiple stratum-0 references and will be fine with the loss of one of the NIST sites.

There are probably still a bunch of stupid clients that try NIST Boulder NTP servers exclusively (I know some old network appliances shipped like this by default), and they might be a little driftier than usual for a while, but I wouldn't expect any of these to be important as they were pretty much already misconfigured.

Big picture, the NTP system is very big and very distributed and the NIST Boulder site has no real significance beyond name recognition---the same name recognition that made it a poor choice for most purposes.

1+
keverets boosted
Jan Penfrat  

Great #DSA report by @bitsoffreedom about how #Snapchat manipulates its users through notifications:

"From 109 notifications we categorized 39 as misleading." They contained "false information (e.g., “check out this post from someone you follow”—even though we weren't following anyone), resembled a personal message from other users, or were incorrectly labeled as being “time-sensitive”."

bitsoffreedom.nl/2025/12/05/ho

#DigitalRights #DarkPatterns #DigitalServicesAct #BigTech #InterfaceDesign

1
keverets boosted
Electronic Frontier Foundation  

"Any workplace surveillance should have strict limitations on its use," EFF’s @legind told Business Insider. That might include not using the technology outside the workplace or beyond work hours. businessinsider.com/employee-s

1
keverets boosted
CuNha  

The United Nations opts for @CryptPad, an open source alternative to #GoogleForms.

news.itsfoss.com/un-ditches-go

#OpenSource #CryptPad #UN #UnitedNations #foss

0
keverets boosted
Agnes Crepet  

At Fairphone, we believe that true ownership isn't just about hardware, it's also about code 💚
We're proud to be one of the few brands offering the necessary resources for users to develop and run their own software. We publish kernel sources, device trees, and work hard to maintain buildable code for our devices. We also published this week our detox feature Moments of our Gen 6.
fairphone.com/en/2025/12/04/we

0
Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml