Git records the local timezone when a commit is made [1]. Knowledge of the timezone in which a commit was made could be used as a bit of identifying information to de-anonymize the committer.
Setting one’s timezone to UTC can help mitigate this issue [2][3] (though, ofc, one must still be wary of time-of-day commit patterns being used to deduce a timezone).
References
- Git documentation. git-commit. “Date Formats: Git internal format”. Accessed: 2024-08-31T07:52Z. https://git-scm.com/docs/git-commit#Documentation/git-commit.txt-Gitinternalformat.
It is
<unix-timestamp> <time-zone-offset>
, where<unix-timestamp>
is the number of seconds since the UNIX epoch.<time-zone-offset>
is a positive or negative offset from UTC. For example CET (which is 1 hour ahead of UTC) is+0100
. - jthill. “How can I ignore committing timezone information in my commit?”. Stack Overflow. Published: 2014-05-26T16:57:37Z. (Accessed: 2024-08-31T08:27Z). https://stackoverflow.com/questions/23874208/how-can-i-ignore-committing-timezone-information-in-my-commit#comment36750060_23874208.
to set the timezone for a specific command, say e.g.
TZ=UTC git commit
- Oliver. “How can I ignore committing timezone information in my commit?”. Stack Overflow. Published: 2022-05-22T08:56:38Z (Accessed: 2024-08-31T08:30Z). https://stackoverflow.com/a/72336094/7934600
each commit Git stores a author date and a commit date. So you have to omit the timezone for both dates.
I solved this for my self with the help of the following Git alias:
[alias] co = "!f() { \ export GIT_AUTHOR_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ export GIT_COMMITTER_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ git commit $@; \ git log -n 1 --pretty=\"Autor: %an <%ae> (%ai)\"; \ git log -n 1 --pretty=\"Committer: %cn <%ce> (%ci)\"; \ }; f"
Cross-posts:
It’s not leak when it’s an intended and documented feature…
Fair point. I think “leak” is likely the wrong term to use here. “Exposes” is probably a better one. I’ll update the post promptly.
It’s not the only thing that leaks timezone data, and the fix is identical: have the machine pretend you’re in UTC.
For example: if you enable Resist Fingerprinting (RFP) in Librewolf, it will lie to websites and pretend your timezone is UTC - because of course timezone is one of the factors used to fingerprint you - and all the sites you visit that show you your local time, or depend on your local time for something or other, will show you the wrong time. And that’s how you know it works 🙂
And that’s the reason why I don’t use it, I need specific websites that access my local time, and apparently whitelisting is not a thing.
Sure it is. There’s a button labeled “Manage exceptions” that does exactly that.
This seems like a weird thing to be concerned about. Any given time zone there are going to be millions if not billions of people.
Git also “leaks” your system username and hostname IIRC by default which might be your real name. A fake name and email would pretty much be sufficient to make any “leaked” time zone information irrelevant.
Granted… I wonder if stuff like this is how they caught those North Korean “employees.”
https://arstechnica.com/?p=2042326
FWIW, I’d also suggest just picking the wrong time zone (but a close one) over UTC or something like that. UTC seems like it’s just “HEY LOOK AT ME! I’M TRYING TO HIDE SOMETHING!” One on the other side of the world, if you sleep like most people, could be defeated by doing an analysis of when the commits were made on average vs other folks from random repositories to find the average time of day and then reversing that information into a time zone.
It’s better to be “Jimmy Robinson in Houston Texas” than “John Smith in UTC-0”
could be defeated by doing an analysis of when the commits were made on average vs other folks from random repositories to find the average time of day and then reversing that information into a time zone
This is the first thing I thought of upon reading the title, and I swear I’ve read a writeup of something that included this as a lead that led to identifying an individual (i.e. commit timestamps)
Wait until you find out about build systems
How do you mean?
Often times the final build will have the information from the system including the hostname and username
That would certainly also be worthy of concern.
Not really as those are public things. Dhcp is more of a issue.
Not really as those are public things.
Would you mind citing an example of exactly what you are referring to? I feel like I’m presuming a lot of things in your statements here.
Dhcp is more of a issue.
I don’t know if it’s “more”, or “less” of an issue, but all these things are worthy of concern.