Fairly basic question: Which Network Time Protocol (NTP) provider/s would you recommend?
For example, there’s the NTP Pool Project, which is the default for many Linux distros and other systems. Would it be a good idea, from a security- and privacy-conscious perspective, to change this? Are there any other cases where you should change the NTP provider, assuming functionally everything’s fine? If so, when and which would be the best one?
I don’t consider this all that important in the grand scheme of things, but every time I go through the setup of a linux distro or sth similar, I wonder whether this area deserves more thought. I couldn’t find anything on this with a security/privacy focus specifically, so I thought maybe some people here have things to say. Should this be an important/overlooked topic, it could obviously be a good idea to add it to the PG website in some way.
I was aware of this, and to be fair probably should have mentioned it in my post. General problems with NTP and alternatives should, in case PG chooses to cover this topic, definitely be explained as well.
However, here I did mean to ask about NTP providers specifically. There are many cases where people may not be able to do anything more than configure another provider, be it because of a lack of knowledge, motivation or the actual inability to do so for some devices.
It is not much of a concern, systemd/chrony/ntpd have mitigation mechanisms, the default pool.ntp.org config will query several random servers provided by several orgs, if the time provided by any one server is significantly off, it will be blacklisted. The only attack against NTP is using a MitM attack to impersonate all time-servers, this could be potentially problematic. The suggested solution is using Cloudflare’s NTS servers, which gives them complete control over your device time, but they are generally trustworthy. A better solution would be using a random sample of Public NTS Server List – Netfuture: The future is networked.