Image Map Image Map
Results 1 to 8 of 8

Thread: Why is the computers clock setting being correct a big deal when accessing websites?

  1. #1

    Default Why is the computers clock setting being correct a big deal when accessing websites?

    CMOS batteries can lose charge and reset your clock to a crazy old date and time... Sometimes it's not even that... Firefox will complain about security issues when I visit some websites. It's either my clock time is incorrect or the website is configured improperly. Big deal right? As long as the site loads and I can use it why would it matter if it's not configured 100% correct? Networking is my weakness, I have to admit. Sorry if this is a dumb and/or naive question.
    Last edited by computerdude92; June 6th, 2019 at 09:14 PM.

  2. #2
    Join Date
    Oct 2008
    Location
    Kamloops, BC, Canada
    Posts
    5,598
    Blog Entries
    43

    Default

    These days a lot of encryption and HTTPS certificates are signed and DATED. When your clock is off you can end up with a certificate that exists before the current computer time (invalid) or long after it was issued (expired).
    = Excellent space heater

  3. #3
    Join Date
    Mar 2017
    Location
    New Jersey, USA
    Posts
    444

    Default

    For https web sites, the biggest issue is certificates, which have specific start and end dates outside of which they are considered invalid. In order for a browser on your computer to be able to tell whether a certificate is valid, it needs to know the time and date. If your computer's date is set to January 1 1980, and you go to an https web site with a certificate valid from 1990 through 1995, the certificate validation will fail and modern browsers will warn you that the site is "unsafe". Some browsers will block you from accessing it completely. You can avoid this problem by not using https (which is why this site still uses plain old http), but that exposes you to some security risks that certificates would have mitigated. For this site the risks are minimal, but you probably wouldn't want to do things like online payments/banking over a plain http connection.

    There are also some network protocols that use timestamps to limit the lifetime of an access token (like a Kerberos ticket, or a cookie to put it more simply), which prevents the token from being captured from the network then used again later by someone else in what's called a "replay attack". In these situations your clock needs to be fairly close to the server's clock (within some minutes of each other). It's common for people to use NTP on the Internet to keep clocks synced; NTP is able to keep clocks synced to within a small fraction of a second). Windows does this by default nowadays so most people aren't even aware that it's happening.

  4. #4
    Join Date
    Jan 2007
    Location
    Pacific Northwest, USA
    Posts
    31,196
    Blog Entries
    20

    Default

    I ran into this on one system that had both Windows and Ubuntu installed. Windows appears to keep the RTC on local time; Ubuntu (and probably most Linuces) keep it on UTC. So every time you'd boot a different system, the clock would be wrong.

    Fortunately, there are fixes for either side of the problem.

  5. #5
    Join Date
    Mar 2009
    Location
    Dublin, CA USA
    Posts
    2,731
    Blog Entries
    1

    Default

    Quote Originally Posted by NeXT View Post
    These days a lot of encryption and HTTPS certificates are signed and DATED. When your clock is off you can end up with a certificate that exists before the current computer time (invalid) or long after it was issued (expired).
    While SSL does offer encryption, most website use SSL certs for to confirm their identity, the encryption is a convenient side effect. So if you get a certificate error it is very possible that you might not be at the site you think you are (this can be done via a man in the middle attack, DNS cache poisoning or other such things), very popular among phishing scammers. Limiting the life of a cert and time stamping it goes a long way in making sure that certs are trustable.

    IBM 5160 - 360k, 1.44Mb Floppies, NEC V20, 8087-3, 45MB MFM Hard Drive, Vega 7 Graphics, IBM 5154 Monitor running MS-DOS 5.00
    IBM PCJr Model 48360 640kb RAM, NEC V20,, jrIDE Side Cart, 360kb Floppy drives running MS-DOS 5.00
    Evergreen Am5x86-133 64Mb Ram, 8gb HDD, SB16 in a modified ATX case running IBM PC-DOS 7.10

  6. #6

    Default

    Quote Originally Posted by Chuck(G) View Post
    I ran into this on one system that had both Windows and Ubuntu installed. Windows appears to keep the RTC on local time; Ubuntu (and probably most Linuces) keep it on UTC. So every time you'd boot a different system, the clock would be wrong.

    Fortunately, there are fixes for either side of the problem.
    Windows and Ubuntu run separately from each other and don't cross paths. So setting the clock on either would be the same as single booting one or the other I believe.

  7. #7
    Join Date
    May 2009
    Location
    Connecticut
    Posts
    4,237
    Blog Entries
    1

    Default

    Quote Originally Posted by computerdude92 View Post
    Windows and Ubuntu run separately from each other and don't cross paths. So setting the clock on either would be the same as single booting one or the other I believe.
    Both OSes will update the internal clock to match their expected time. Check what time is reported in the BIOS on startup. Change OSes then reboot and check the BIOS time again. It should have changed by more than the elapsed time. (Unless you are in Greenwich England.) Mostly a minor inconvenience if one is willing to let a time server adjust the time setting before launching a web browser.

  8. #8
    Join Date
    Jan 2007
    Location
    Pacific Northwest, USA
    Posts
    31,196
    Blog Entries
    20

    Default

    Quote Originally Posted by computerdude92 View Post
    Windows and Ubuntu run separately from each other and don't cross paths. So setting the clock on either would be the same as single booting one or the other I believe.
    You are mistaken in your belief.

    A simple web search would have verified the problem I describe. Like this or this or this...

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •