Windows feature that resets system clocks based on random data is wreaking havoc - eviltoast
  • candybrie@lemmy.world
    link
    fedilink
    arrow-up
    23
    ·
    1 year ago

    If you read the article it’s explained that some SSL implementations put random data in the time field (OpenSSL was given as an example). Microsoft knows about this and so needs a certain number of closely matching timestamps to be confident about the new time to change the system time. However, if you get particularly unlucky with a string of random timestamps that match, you end up with a random time.

    • deegeese@sopuli.xyz
      link
      fedilink
      arrow-up
      24
      ·
      1 year ago

      Yes, it’s a dog shit implementation to rely 3rd parties to make guarantees about their data that they never agreed to.

      Linux and MacOS handle this just fine. Why blame SSL when you’re the one using it wrong?

    • SheeEttin@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      And most NTP clients already handle this by not changing the time automatically if it would be too much of a jump. Microsoft is trying to fix what’s not broken.