undefined | Better HN

0 pointsCamperBob213y ago0 comments

Seems questionable to use the local time for that. System time isn't exactly a trusted quantity, is it?

0 comments

8 comments · 3 top-level

jonemo13y ago· 2 in thread

iOS does it that way. My iPod touch always forgets date and time when it runs out of battery. After restart you can't do anything in the App Store or on https websites before you've set the correct date (it defaults to 1970 which is when the iPod was first introduced I believe).

Tloewald13y ago

1970 ipod would be awesome.

Lord_DeathMatch13y ago

1970 is Unix Epoch :)

IE, Unix time started then.

arashf13y ago· 1 in thread

hmmm, I think it's fairly common practice amongst similar software (i.e. firefox, chrome, etc.) to use system time as a signal that you may be connecting to a server that has an outdated SSL certificate. while it's not perfect, it's a good first order security precaution to take (in addition to verifying the CA) to ensure you are talking to who you think you are.

astrange13y ago

Certificate validation for 802.1x networks relies on this, with the effect that you sometimes can't get an internet connection without fixing your clock.

happyhappy13y ago· 2 in thread

What other time source would you propose using?

CamperBob2OP13y ago

If you know you're on a network -- and Dropbox does -- then I'd fetch the time from a time server somewhere, perhaps Dropbox itself, or time.nist.gov. Of course, then you're at the mercy of the user's hosts file, I suppose.

If the time is just used to check for certificate expiration, maybe nobody considers it worth worrying about. Which I guess is fine as far as it goes... but the other day I couldn't get Dropbox to do its thing when my clock was only a few hours off. It didn't seem likely that an SSL date check was involved in that case.

TeMPOraL13y ago

Well. Chrome and Firefox won't let you log in to GMail, for instance. IE at least allows you to continue if you really want.

It's a common thing on school/university computers, where for various reasons, system time is always wrong and it requires Administrator privilenges to change it (I can't understand why).

j / k navigate · click thread line to collapse