The Perils of Online Time Servers

All sorts of technologies rely on precise and exact time, from cash machines and CCTV cameras, to speed cameras and computer networks. For computer networks, accurate time is essential for preventing errors, fraud and ensures security. Without it, many organisations, industries and modern applications couldn’t function. Everything from internet banking to air traffic control relies on precise and accurate time, but many organisations take unnecessary risks when it comes to the time on their networks and rely on online time servers.

Importance of synchronisation

Timestamps are the only method computer systems have of knowing when transactions, processes or applications have taken place or need to take place, which is why precise synchronisation is so vital for many modern technologies. CCTV networks, speed cameras, ATM machine and financial services require exact timing. If different devices are running at different times, even by just a second or two, all sorts of errors can occur.

For instance, if a banking customer withdraws all of his or her cash from an ATM, if the time on another cash machine differs, the customer could withdraw the same amount of cash again, as the machine may believe the original transaction hadn’t yet happened. Furthermore, imagine what would happen if two average speed cameras on a stretch of motorway weren’t synchronised together. Innocent motorists could be fined for speeding when in fact they were obeying the speed limit, and the same sorts of problems occur when computers communicate over the internet, which is why the modern network needs a method of accurately synchronising all devices together.

Network Time Protocol

Network Time Protocol (NTP) is an algorithm-based protocol designed to keep all devices on a network accurate and synchronised. Whether they are computers, CCTV cameras or ATM machines, NTP can ensure all devices are within a few milliseconds of each other. This means for a network of computers, each machine will have the exact same time, so any transactions, processes or applications will always be precise and accurate.

NTP works by using a single master time source. NTP distributes this time source to every device on the network and adjusts the system clocks to ensure each device is running true to within a few milliseconds of this source time. NTP is a freely available time protocol that is installed as standard on most computer systems and operating systems. However, the key to NTP precision lies in the accuracy in the master time source, which in turn is reliant on where the time source comes from.

Atomic clocks

The most accurate time source available comes from atomic clocks. Atomic clocks provide accuracy to the millionth of a second and they never drift, which is important because a drifting clock could result in the time gradually altering and devices would eventually lose synchronisation. However, atomic clocks are not practical instruments to be installed in computer server rooms; they are large, cumbersome and require regular attention to keep them running. However, atomic clock time signals can be utilised for the purposes of synchronisation.

Atomic time, usually called UTC (Coordinated Universal Time), is an international timescale used by technology-based systems that enables different networks across the globe to communicate with each other in perfect synchronisation. This atomic clock time signal is available from various sources, however, many network administrators rely on the internet, but this can result in all sorts of issues.

Online time servers

Various time servers around the internet distribute an atomic clock source for computer network synchronisation. There are hundreds of different locations offering sources of time. However, while this may seem like a simple and practical solution, using the internet as a source of atomic clock timing can lead to all sorts of problems. Not all these time sources are accurate, many are unreliable, and none can provide 100% security.

Security

As with downloading anything from the internet, using an online time server can lead to a network becoming vulnerable to security threats. In order to receive a timing source, a network requires an open port in the firewall, which could lead to malicious software or users gaining access. Furthermore, malicious users can also attack the time source itself, which could also result in security problems. A hacker could alter the time by a few minutes, days or even years, which would affect the entire network’s time. This could lead to errors in transactions, processes failing, or even complete network failure. You only have to think back to the millennium bug to recognise the problems that a tampered time source could cause for networks.

Accuracy

Another problem with internet time sources is their accuracy, which can never be guaranteed. All sorts of variables affect the accuracy of online time sources, from the distance between the host and peer, the speed of internet connections, to the original accuracy of the time source in the first place. In fact, surveys conducted of online time sources have revealed that a huge number of them are incredibly inaccurate, and not just by a few seconds, some have been found to be inaccurate by several hours. One of the main causes of this is that online time servers are not checked very frequently to ensure they are functioning correctly, which results in those networks that rely on them being left with an inaccurate and unreliable source of time.

Furthermore, most online time servers do not get their time source directly from an atomic clock and actually get their time from another time server. Many online time servers receive a time signal from another online time source, which in turn receives it from another device. This extra layer of servers can result in the time being out of sync with the original time source and this in turn will lead to a network having inaccurate time.

Reliability

Reliability is another reason why online time servers should not be used by any network that takes timing seriously. While NTP is very good at maintaining accurate time during short-term outages of the timing source, it cannot do this indefinitely. If an online time source goes down, eventually the network will begin to drift. The longer the time source is down, the more inaccurate the network will become. The big problem with online time servers is that unless somebody continually checks that the time server is still up and running, a network can go for days, weeks or even months without a valid time source, leading to the network ending up out of synchronisation by a large amount.

Online time servers also offer no authentication or guarantee of accuracy, so if the worst happens and a network needs to be debugged or the exact time of an event needs to be discovered, there is no guarantee the timestamp is accurate or reliable.

Dedicated NTP time servers

There is an alternative to using online time servers, and one which won’t leave a computer network at the mercy of inaccurate time: a dedicated NTP time server. Dedicated NTP time servers come in two forms: GPS and radio referenced time servers. GPS (Global Positioning System) time servers receive the signal transmitted from GPS satellites, while radio referenced time servers receive signals transmitted by national physics laboratories such as NPL in the UK (National Physical Laboratory), NIST in the USA (National Institute for Physics and Time) and similar organisations in other nations. In both cases, these dedicated NTP time servers receive these signals directly from an atomic clock source, so are always accurate and reliable as there is no latency or third party server to affect the time.

When it comes to computer network security, there really is no substitute to a dedicated time server. By getting the time from an external GPS or radio source, dedicated time servers don’t require an open port in the firewall that will leave a network vulnerable to attack, nor can a third party tamper with the time. For organisations that invest heavily in network security, using a dedicated time server can be as essential as anti-virus software and other security measures for protecting a network.

Audit trail

Furthermore, when it comes to fixing errors, debugging a system, or auditing, a dedicated time server provides an irrefutable trail that makes it simple and easy to pinpoint the exact time an event occurred. When tracing security breaches, fraud or criminal activity, a log from a dedicated time server can even be used in court proceedings as evidence, something that online time servers cannot provide. Evidence from dedicated NTP time servers have been used in all sorts of cases from high-profile murder trials, to cases of fraud and robbery.

Leaving time to chance can be costly, especially compared to the relatively inexpensive cost of a single dedicated NTP time server. As a single NTP time server can synchronise hundreds of devices on a network, it provides an excellent return on investment, especially when you consider the cost of a security breach, a downed network or the various other problems timing errors can cause.

This post was written by

Richard N Williams

Richard N Williams is a technical author and a specialist in the NTP Server and Time Synchronisation industry. Richard N Williams on Google+

Related Reading