modern JVM concurrency primitives are broken if the system clock steps backwards
‘The implementation of the concurrency primitive LockSupport.parkNanos(), the function that controls *every* concurrency primitive on the JVM, is flawed, and any NTP sync, or system time change, can potentially break it with unexpected results across the board when running a 64bit JVM on Linux 64bit.’ Basically, LockSupport.parkNanos() calls pthread_cond_timedwait() using a CLOCK_REALTIME instead of CLOCK_MONOTONIC. ‘tinker step 0’ in ntp.conf may be a viable workaround.
(tags: clocks timing ntp slew sync step pthreads java jvm timers clock_realtime clock_monotonic)
Schneier on Security: The NSA Is Breaking Most Encryption on the Internet
The new Snowden revelations are explosive. Basically, the NSA is able to decrypt most of the Internet. They’re doing it primarily by cheating, not by mathematics. It’s joint reporting between the Guardian, the New York Times, and ProPublica. I have been working with Glenn Greenwald on the Snowden documents, and I have seen a lot of them. These are my two essays on today’s revelations. Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.
(tags: encryption communication government nsa security bruce-schneier crypto politics snooping gchq guardian journalism)