![]() Some constructions are also vulnerable to temperature fluctuations. Obviously these devices can have bad batteries, in which case they can keep poor time or no time at all. Some are just cheap parts that don't work well. There are many different constructions for this device with varying degrees of accuracy and robustness. This clock is typically the default clock for the system, as it is always available. This is the clock on your PC's motherboard that historically was powered with a coin cell battery. The only onboard clock that most computers have is the Real-Time Clock (RTC). In general you should not assume that all machines have the correct time in all circumstances, and your security should not depend on this assumption. Time keeping is an important part of the kernel's duties, but it's not infallible, especially when you're talking about scenarios where other failures are occurring. Should I just assume that the OS can keep the time at all times? Or should I use some kind of time-syncing service myself? Like some free HTTPS API, where I make a lookup every minute and force the system clock to me whatever it reports? Should I just leave it be and assume that this is "taken care of"/solved? However, I do important logging of events in my system running on it. I can't remember my Windows computer ever having been out of time for the last "many years". You'd think that by now, not only would every single computer be always auto-synced by default with tons of fallback mechanisms to never, ever be in a situation where the clock isn't perfectly synced with "actual time", at least down to the second, if not more accurately it would be impossible or extremely difficult to set the clock to anything but the current actual time, even if you go out of your way to do it. I also set up some kind of automatic timekeeping mechanism (in FreeBSD). ![]() After that, I hardcoded a timestamp into the code which the current time had to be more than or else it would trigger "offline mode", to avoid any potential disasters like this in the future. This resulted in all my moderators potentially being able to see every single account's history and contributions in my service until I came back and noticed the wrong time (which I might not even have done!) and re-synced it. When it came back on again, its clock had been reset to the factory default, which was many years back. One day, the server where this was hosted on had been "knocked offline" in the data centre where I was renting it, according to the hosting company. I did this by checking the timestamp against the current Unix epoch, allowing for X hours/days. Years ago, I was running a service where the moderators were able to do various actions with massive privacy implications if the accounts or contributions were less than a short period of time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |