Patch Lady – sounds great until we think about the updates

Susan here, getting ready for that time of year that makes me for a sleepy Susan… aka Daylight savings.  I just spotted in the news tonight that Florida is considering opting to stay in daylight savings.  So what has that got to do with computers?  Plenty.  Computers are creatures of time.  They have to be on the right time or near it otherwise all sorts of bad things occur.  Like for example.. updating.  You have to be no more than a few minutes off of the real time otherwise Windows update will totally fail.  Because your machine depends on computer certificates, which have date/time stamps and if your computer comes back with the message that the certificate chain is invalid because the date and time is off…well you get the idea.

In a network a workstation cannot be more than 2 to 5 minutes off of the time set by the domain controller otherwise it will cause Kerberos log in problems.

On standalone computers your computer is typically sync’d up to time.windows.com.  This is a time server provided by Microsoft.  But you can use an alternative time server.

NIST.gov provided the definitive list of all of the time servers.  NTP or Network Time protocol is one of those old foundational protocols used in computers.  So foundational that attackers have even found ways to do denial of service attacks on NTP servers.  But on workstations, your machine only goes outbound to get it’s time information and isn’t open to attack.

Time is so foundational to how our computers talk to one another that it’s one of the reasons the DST updates are pushed out on a regular basis because time is sooo important.  The DST blog showcases how often countries mess with time.  It always amazes me how much countries mess with time.

By the way, trivia here…. do you know why we have time zones in the first place?  As I understand it you can thank the English and the introduction of trains for the introduction of “Railway time” which was needed to standardize when it was expected that the train would arrive.  Prior to travel everyone just set their own clock.

With the use of cloud technology I’m seeing some organizations go to a Universal time or UTC and not depend on the local time zone.  One of the key things to establish in computer forensics is what time was set for all devices – that is – was the time set correctly in the firewall/modem/router that is logging events, in the computer event log and so on so the forensic investigator can prepare a timeline of events and correlate activity.

So many times (get it — a pun on time) we’d skip over that time zone update as being optional because we didn’t live in the area of the time zone change. But we’d often end up with computers that couldn’t handle when we DID have a time zone change.  Everyone here remember when the USA moved the time zone change dates and how much we were running around trying to get things updated?  It’s one of the reasons Windows 10’s updates are all inclusive and those time change updates come automatically.

So, if Florida opts out of changing it’s clock, a ton of developers in Redmond will be working around the clock to roll out updates.

Fun to look forward to if the bill goes through.

And now it’s my bedTIME.