Home » Data Protection » Network Security

Right on Time? The Security Implications of the Humble Computer Clock

If your company's computer clocks aren't in sync, forensics, backups, and much more can suffer. Simson Garfinkel on getting the time right.

Leap Seconds
There is one more geeky little wrinkle in time that might affect you, though, and that is the handling of leap seconds. Recall that leap seconds are added because the Earth's rotation is slowing down due to the frictional action of the tides; the Earth hasn't had 86,400 seconds in a day (the old conventional measure) for more than a hundred years now. To deal with this unfortunate circumstance, the International Earth Rotation and Reference Systems Service, a group also known as the Time Lords, add a "leap second" every now and then to keep the meteorological day in sync with the day that our computer systems all use. We just had a leap second this past December. The standard way that computers handle leap seconds is to have the clock go to 23:59:60 GMT before they go to 00:00:00 on January 1st. (In New York City the leap second actually happened at 18:59:60 EST on December 31st.)

Leap seconds can cause problems because even though NTP and the lowest layers of most modern operating systems know that seconds sometimes go from 0 to 60 (and not their normal 0 to 59), few programmers are really up on all of the ins and outs of proper time keeping.

This past December, systems running Oracle Cluster Ready Services (CRS) clusterware crashed at 23:59:60 GMT, unable to handle the leap second that bubbled up from the operating system's underlying time service. Some Linux systems from Slackware, Debian and Red Hat also hung, apparently because of an underlying kernel bug. (This is unrelated to the bug that caused some Microsoft Zune players to crash on January 1st, 2009. That bug had to do with the fact that 2009 is not a leap year.)

Hopefully your good-natured response to this article will be to check and make sure that all of the computer systems in your organization have the correct time—and if they don't, add proper time keeping to the list of responsibilities for your security staff. Certainly having dependable time is important for good security, but it also makes other kinds of routine tasks like diagnosing e-mail delays and outages easier.

Ultimately, time is a security matter. Having correct time can be the difference between having someone convicted of a crime and having them go free. Indeed, if your system clock is wrong, you might not even know that a crime has taken place. ##

Simson Garfinkel is an associate professor at the Naval Postgraduate School in Monterey, Calif., and an associate of the School of Engineering and Applied Sciences at Harvard University. The views and opinions expressed in this document represent those of the author and do not necessarily reflect those of the U.S. Government or the Department of Defense.