NTP's Fate Hinges On 'Father Time' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Life
News
3/11/2015
06:06 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

NTP's Fate Hinges On 'Father Time'

The Network Time Protocol provides a foundation to modern computing. So why does NTP's support hinge so much on the shaky finances of one 59-year-old developer?

(Image: Geralt via Pixabay)

(Image: Geralt via Pixabay)

In April, one of the open source code movement's first and biggest success stories, the Network Time Protocol, will reach a decision point. At 30 years old, will NTP continue as the preeminent time synchronization system for Macs, Windows, and Linux computers and most servers on networks?

Or will this protocol go into a decline marked by drastically slowed development, fewer bug fixes, and greater security risks for the computers that use it? The question hinges to a surprising degree on the personal finances of a 59-year-old technologist in Talent, Ore., named Harlan Stenn.

The Network Time Protocol is important enough that the likes of Google and Apple speak up if they find a bug in the protocol that needs fixing, or a modification they think is needed. But NTP has worked so well for so long that few people think there's any problem.

Not all is well within the NTP open source project. The number of volunteer contributors -- those who submit code for periodic updates, examine bug reports, and write fixes -- has shrunk over its long lifespan, even as its importance has increased. Its ongoing development and maintenance now rest mostly on the shoulders of Stenn, and that's why NTP faces a turning point. Stenn, who also works sporadically on his own consulting business, has given himself a deadline: Garner more financial support by April, "or look for regular work.”

(Image: Margaret Clark)

(Image: Margaret Clark)

Stenn's shaky personal finances illustrate one very real risk to the future of the Internet. A number of widely used foundations of the Internet -- such as OpenSSL, the Domain Name System, and NTP -- are based on open source code. Open source means no one owns the software, anyone can use it, and it's maintained through a collaborative process of people submitting changes to a central governing group. Some open source projects, such as the Android mobile OS, have a rich uncle like Google that pays people who maintain the code as a side job. Or, the project is trendy enough that working on it helps to spur consulting work. But a project like NTP, which is buried deep in the infrastructure, doesn't have a clear-cut financial backer. That leaves support up to people like Stenn.

For the last three-and-a-half years, Stenn said he's worked 100-plus hours a week answering emails, accepting patches, rewriting patches to work across multiple operating systems, piecing together new releases, and administering the NTP mailing list. If NTP should get hacked or for some reason stop functioning, hundreds of thousands of systems would feel the consequences. "If that happened, all the critics would say, 'See, you can't trust open source code,'" said Stenn.

Sam Ramji, CEO of the Cloud Foundry Foundation, cited Stenn’s work in an address at the Open Compute Summit 2015 in San Jose Mar. 11. He dubbed him "Father Time," and said he was "scraping by" as he continued to work on NTP.

Stenn is hardly the only open source coder living in such straits. Ramji also mentioned Werner Koch in Germany, the author and maintainer of Gnu Privacy Guard, which is used in three popular email encryption programs. In a Feb. 5 article, Koch told ProPublica that he was "going broke" on $25,000 a year since 2001. Chet Ramey, part of the networking infrastructure team at Case Western Reserve, has been the primary maintainer of the Bash shell for Unix since 1990 with minimal support.

Ramji noted that OpenSSL developers had been receiving less than $2,000 a year in donations when the Heartbleed exploit of OpenSSL broke out last April. "Secure code is hard to write and maintain," Ramji noted. Users have to decide whether they want to leave these projects to survive as best they can.

Next Page: Watching the timekeeper

Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 4 / 4
Doug Henschen
100%
0%
Doug Henschen,
User Rank: Moderator
3/12/2015 | 12:50:53 PM
Re: It's fine to send big money directly to NTF!
Keep up the good work, as best as you can as long as you can, but by all means cultivate a backup, particularly if Charlie's article helps spur more funding. This seems like it's too imporant to rest on your shoulders alone. What if you get hit by a truck? Too bad you can't set up a little tarrif for accessing NTP!
gmerriman112
100%
0%
gmerriman112,
User Rank: Strategist
3/12/2015 | 12:33:55 PM
Typical of the way things are going
I think the problems noted here are symptomatic of a larger problem. It seems that everyone these days is focused on getting rich with the next "Yo!" app or shiny new wearable gizmo that nobody is worried about keeping the foundations on which all this new technology depends. If the industry as a whole does not come to grips with this problem soon I fear we are in for a rough time ahead.
Somedude8
100%
0%
Somedude8,
User Rank: Ninja
3/12/2015 | 11:41:52 AM
Let it fail?
Companies will pay as little as they have to for any given service. Its not greed, its just their nature. They have been used to getting NTP for free for so long, they aren't likely to start coughing up funds out of the goodness of their hearts.

Harlan's efforts sound like they have been truly heroic, and at that heroic pace for a very long time. But I think he is flat out being taken advantage of, and will continue to be until he puts his foot down. Maybe just flat out refuse to work more than 15 or 20 hours per week on it, putting the rest of his time in to his consulting business or something. I know that $7k per month looks good on paper, but I gaurantee its not nearly as much in practice.

Let it fail. That will bring the needed attention as funding. Its harsh, and in many ways against the open source spirit, but the guy has been taken advantage of long enough. When Google and Apple and others aren't even chipping in a little bit, especially taking in to account the huge consideration he gave Apple, then the whole thing is just wrong.
Todder
100%
0%
Todder,
User Rank: Moderator
3/12/2015 | 9:47:20 AM
Re: Are you ready to roll back the next Leap Second?
Very good article Charlie. One of the best I've read in a long time. Hopefully this stirs up some funds for Harlan and the project. I'm also surprised that academia hasn't jumped right back in on NTP.
Charlie Babcock
100%
0%
Charlie Babcock,
User Rank: Author
3/11/2015 | 11:02:50 PM
Are you ready to roll back the next Leap Second?
Harlan Stenn is the only person I know who has already laid plans to cope with the Leap Second that will need to be subtracted from the solar day on June 30, when the discrepancy  between UTC and TAI will reach 36 seconds. For that, I'm afraid we must call him Father Time, even though he doesn't much like the moniker. (Leap Seconds occur irregularly, averaging one every 18 months.)
hstenn
100%
0%
hstenn,
User Rank: Apprentice
3/11/2015 | 6:58:32 PM
It's fine to send big money directly to NTF!
Wow, thanks for the great article, sir!

I've always considered myself either the "janitor of time" or maybe NTP's babysitter.

From my point of view, we want lots of companies and individuals to "join" Network Time Foundation.  We are also very happy to receive direct donations.  As long as we get enough donations from enough sources to meet the IRS Public Support Test we're happy, and all is well.

 
<<   <   Page 4 / 4
Commentary
Why It's Nice to Know What Can Go Wrong with AI
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  11/11/2019
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll