Windows feature that resets system clocks based on random data is wreaking havoc https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-c locks-based-on-random-data-is-wreaking-havoc/
Windows Secure Time Seeding resets clocks months or years off the correct time. That's 4 web pages of several screens each. >From the 3rd web page: > Simen said he believes the STS design is based on a fundamental > misinterpretation of the TLS specification. Microsoft's description of > STS acknowledges that some SSL implementations don't put the current > system time of the server in the ServerUnixTime field at all. Instead, these > implementations--most notably the widely used OpenSSL code library > starting in 2014--populate the field with random values. Microsoft's > description goes on to say, "We have observed that most servers provide > a fairly accurate value in this field and the rest provide random > values." > "The false assumption is that most SSL implementations return the server > time," Simen said. "This was probably true in a Microsoft-only > ecosystem back when they implemented it, but at that time [when STS was > introduced], OpenSSL was already sending random data instead." The background story continues over here: [TLS] Let's remove gmt_unix_time from TLS https://mailarchive.ietf.org/arch/msg/tls/_clS-TIIlZUcid_2S4WPej9iMWk/ (There are roughly 20 messages in that thread.) Time was in there to provide some protection against broken random number sources. But it leaks enough information to help tracking which is a big no-no for things like TOR. That's from 2013. OpenSSL has been using random since 1.0.1f [6 Jan 2014] * Don't include gmt_unix_time in TLS server and client random values -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
