Have you got the time?

I might have written about this before – not sure 🙂

At some point, I was having issues with Windows XP not keeping its time synced. Keeping all of the computers on the Internet agreeing on the precise time is very critical. It’s also a big problem. When the internet was 30 computers in DARPA labs, they could coordinate with each other and average out what they thought the current time is, or even better check with the US Government.

But when the Internet is probably a billion devices spread across the entire world, keeping everyone synced is a really big challenge. The basic tool for this is the Network Time Protocol (NTP). It is built around a layered onion – you might be 10 computers away from the one computer that is actually authoritative. For most people, that’s close enough.

But I noticed the Fedora 20 computer had drifted about 3 minutes away from the correct time – which is a problem, since I do things like generate the programs for the coming half hour based on it being in the last minute before the top/bottom of the hour. Doing that 3 minutes before it should can create confusion.

After doing the advice to sync automatically, the NTPDATE tool just came back and told me there are no servers available. I cleared the firewall (briefly) to make sure I didn’t have a block in place – no change.

I started poking around and developed the theory that Time Warner Cable might be blocking the NTP requests (on port 123). Some poking around suggests that’s exactly the problem. The reason was they were the object of an attack a few months ago streaming 400 Gbps of NTP traffic in a huge Distributed Denial of Service attack. The thinking is that entire attack only required one server and a clever enemy. Something to keep in mind when picking fights with countries with large staffs of clever hackers working for the government. The Internet to a significant degree relies on good will and trust.

Here are details
http://revolution-news.com/technical-details-behind-400gbps-ntp-amplification-ddos-attack/

This isn’t Heartbleed, but it’s kind of in the same league. The vulnerability is wide spread, and keeping things quiet is part of the solution. I can’t find information – the logical way for TWC to handle this would be to maintain one NTP server on their network that syncs, then redirect all NTP requests to servers maintained by TWC. If they are doing that, I didn’t see evidence of it.

At least for now, that means I’ll have to manually fix the time by looking at my cell phone. Sheesh.

This entry was posted in About the Guide, Linux, North Carolina, Technology. Bookmark the permalink.

12 Responses to Have you got the time?

  1. Art Stone says:

    Part of the problems here (but not this morning’s problem) are that the eMachine’s clock is drifting. After going through what I could to debug it, I concluded it was worth the effort to call Time Warner Internet.

    They quickly sent me to Level 2 support, which confirmed that in fact Time Warner Internet IS blocking access to NTP servers. This means that using “Internet Time” in windows no longer works, in addition to Fedora not being able to sync its time.

    They’re working on a solution, but I shouldn’t really expect to see any kind of “fix” any time soon. After all, the only type of people who really care about the correct time are probably commercial customers – wink wink.

    I appreciate they have to protect their network from DDoS attacks, but they really have to solve this. This is like if AT&T said “Sorry, you can’t call California because we don’t want you to”. NTP is a foundational building block of the Internet. It isn’t just my dinky web server this is breaking.

    Did I mention Google Fiber may be coming to Charlotte soon?

    • CC1s121LrBGT says:

      WTF!?! Bob D Marcus has taken the Time out of Time Warner!

      What’s next?

    • CC1s121LrBGT says:

      Here is a free app to turn your cell phone into a local NTP server. You’d have to connect your phone to your local LAN (WIFI is the most common way) or to your computer with a USB.

      I don’t think you even need cell phone service for it to work, although I haven’t tested it. I have turn on old phones that no longer are in service and they do show the carrier and the date/time supplied by that carrier and are required by law to allow 911 calls, so they are fully functional without an account with the phone carrier.

      This one is for Android. I suspect you may be able to find a similar app for your iPhone or find a free abandoned old Android from a few years back.

      https://play.google.com/store/apps/details?id=com.icecoldapps.timeserver

      “I can’t tell you if the use of force in Iraq today will last five days, five weeks or five months, but it won’t last any longer than that.” — Donald Rumsfeld

      • Art Stone says:

        The little children of Iraq are greeting ISIS – throwing flowers at their feet – and without handing out soccer balls and candy.

      • Art Stone says:

        There is probably a simpler solution like scraping the web page at the NIST. If I was NASDAQ, I need time down to a nanosecond. For here, I just need the time within a few seconds.

        You probably know that Windows and Linux use the Hardware clock differently. Windows sets it to current local time, while *nix sets it to UTC. That can be problematic in dual boot systems. I think Fedora caved to the notion that while what Windows is doing may be “wrong”, resetting the clock to UTC and breaking Windows is not a good way speed up adoption

        If you read forums, the old timers are pretty annoyed when people want Linux to behave more like Windoze. A case in point – fedora desktop has “desktops”, but you can’t create shortcuts and put them “on” your desktop, or documents. So if I have a spreadsheet I use frequently, I can’t just click in it to open it. I either have to start the app by hand and then navigate the file system to find the file (or it may be in the recents) or search for the file in the file manager and open there.

        Which brings me to one of my corporate nuggets of wisdom:

        Boss: “A cluttered desk is the sign of a cluttered mind”
        Me: “What is an empty desk a sign of?”

        • CC1s121LrBGT says:

          New product announced just today… here is the write up in “Time” 😉

          http://time.com/2922246/android-wear-smartwatches/

        • CC1s121LrBGT says:

          Your solution is probably simpler for you since you write code regularly and don’t have an Android phone.

          I looked into the matter because I have a Windows Media Center DVR that I use regularly. It is important that a DVR have accurate time.

          I investigated that, at least for now, Verizon does not block my DVR’s time synchronization. I was never able to figure our how often Windows does the synchronization, so I created a scheduled job that does it nightly.

          Part of my research lead me to find that I could install a free app on my Android phone and use it to keep the DVR up to date. That is now my plan “B”.

          Still miffed that someone took the Time out of Time Warner. It’s a bit like taking the “keep your doctor” out of your health plan.

      • CC1s121LrBGT says:

        Fusing your two replies – time and ISIS, here is the times Maria Muldaur classic from 1974- “Midnight at the Oh ISIS” 😉

        http://www.youtube.com/watch?v=VlrKETxwRvM&feature=kp

  2. CC1s121LrBGT says:

    “A man came up to me and asked me what the time was that was
    on my watch, yeah
    And I said
    Does anybody really know what time it is
    I don’t
    Does anybody really care”

    –Robert Lamm

    • Nidster says:

      Yep, same thing as I was thinking and posted about a while back. I think it was in the thread when we were discussing whether the Moon was really, a natural moon. Some people believe it was placed in its very odd orbit by some entity, or entities. But, I was thinking out loud that there is so much we do not know, including what time it is.

      As to the question, ‘Does any care?” Some do, we all should care.

  3. CC1s121LrBGT says:

    That is strange. I googled and found that many on Comcast had reached the same conclusion but it was not in fact blocked by Comcast. The conclusion was that many of these servers will no longer accept frequent requests from the same IP address.

    Have you tried a long list of time servers? There are many that are public.

    I had found an issue on several of my Windows PCs where they were not getting the periodic time syncs that I had asked for in the Windows UI, but a manual click would update the time. I found a way to create a daily batch job that would update the time daily and I no longer have an issue. That was a couple years back and I am not on Time Warner.

  4. briand75 says:

    Enjoyable and ironic. All the technology we have is almost worthless because of some hacker. In earlier days, when I was in amateur radio, we used WWV in Colorado (the Atomic Clock) to align the clocks. I believe that is what NTP does. A shame we can’t use it now.

Leave a Reply