Windows feature that resets system clocks based on random data is wreaking havoc

Windows Secure Time Seeding resets clocks months or years off the correct time.

https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-clocks-based-on-random-data-is-wreaking-havoc/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

Ars Technica
@arstechnica
Lol. You use the current time to seed #RandomNumbers, not the other way around!
@arstechnica so, if I understand this correctly, things like ntpsec are not to be trusted, because you would need to reach out to the network, so instead, they reach out to the network. Got it.
@kubefred @arstechnica I think the idea is that they cache _past_ successful trusted certificates as a trust root, then calculate the difference based on their time stamps. Which might work if that field reliably contained timestamps.

@arstechnica TLDR: #nih

As NTP is too widespread to Embrace Extend Exterminate, a brand new Windows-only system is created. To everyone's surprise, it hits every bullet point from Falsehoods Programmers Believe About Time.

@arstechnica if I'm reading this right, it's because the SSL Handshake response uses random data and Windows assumed it was a Unix timestamp?
@TheChrisGlass @arstechnica My read is that in the spec the handshake/communication requires a number that should always be different in each message, and it traditionally has been the Unix time or partially composed from Unix time. But there are implementations that use a random number instead to increase security.
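Added example, not part of the thread and not Microsoft's code: the field the two replies above discuss is the first 4 bytes of the 32-byte ServerHello random, which TLS 1.2 (RFC 5246) defines as `gmt_unix_time`. The sketch reads it that way for servers that fill it with the time and for servers that fill it with random bytes; `agreed_time`, its thresholds and all sample values are hypothetical and constructed.

```python
import struct
from datetime import datetime, timezone

def hello_seconds(server_random: bytes) -> int:
    """First 4 bytes of the ServerHello random as a big-endian uint32
    (the gmt_unix_time field of the RFC 5246 Random struct)."""
    if len(server_random) != 32:
        raise ValueError("ServerHello random must be 32 bytes")
    return struct.unpack(">I", server_random[:4])[0]

def agreed_time(randoms, max_spread=300, min_votes=3):
    """Return a UTC datetime only if at least min_votes samples lie within
    max_spread seconds of each other, otherwise None.
    Hypothetical sanity check for illustration, not what Windows does."""
    secs = sorted(hello_seconds(r) for r in randoms)
    best = []
    for i, start in enumerate(secs):
        # Largest group of samples that starts here and stays within the spread.
        window = [s for s in secs[i:] if s - start <= max_spread]
        if len(window) > len(best):
            best = window
    if len(best) < min_votes:
        return None  # no quorum: keep the local clock untouched
    return datetime.fromtimestamp(best[len(best) // 2], tz=timezone.utc)

# Constructed samples, not captured traffic.
NOW = 1691500000   # constructed reference time in August 2023
PAD = bytes(28)    # stand-in for the remaining 28 random bytes
# Servers that put the current time in the field (a few seconds of skew).
WITH_TIME = [struct.pack(">I", NOW + d) + PAD for d in (-2, 0, 3)]
# Servers that fill the whole field with random bytes.
ALL_RANDOM = [bytes.fromhex(h) + PAD for h in ("9c4f21b7", "1d03e6a0", "f0aa5512")]

if __name__ == "__main__":
    for r in WITH_TIME + ALL_RANDOM:
        t = datetime.fromtimestamp(hello_seconds(r), tz=timezone.utc)
        print(r[:4].hex(), "->", t.isoformat())
    print("time-bearing only:", agreed_time(WITH_TIME))
    print("random only:      ", agreed_time(ALL_RANDOM))
```

Any 4 random bytes decode to a valid date somewhere between 1970 and 2106, so a single sample cannot be told apart from a real timestamp; only agreement across independent samples can.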
@arstechnica "The culprit was a little-known feature in Windows" means that this is a rare example of "it's not a feature, it's a bug."