It's not an issue of life-changing proportions if you can't have milk with your morning coffee (although it feels that way sometimes!) but if NTP fails in a spectacular fashion, some much more critical systems can fail as a result. Here we'll take a look at NTP, where it's used and what it controls. You'll be surprised to learn just how common this little protocol is.
NTP: An Essential ProtocolJust about everything connected to the Internet either uses NTP to synchronize its clock, or if it doesn't, its software probably has a setting to allow it to use NTP. Smartphones, servers and switches are just some of the many Internet-connected devices that rely on time to perform critical operations such as instantiating backups or checking for security updates. And when NTP fails to function correctly, the result can be chaos.
When NTP FailsOne age-old issue that is still seen on some older operating systems is the seasonal give or take of an hour known commonly as daylight saving time. The hour-long time shift, when suddenly introduced to a busy server, for example, can cause problems on a number of levels. The server might get confused with when a file was created or last written to. This can lead to all sorts of errors, causing services to fail. In addition, scheduled jobs - such as scanning the file system for malware or viruses - might run again despite having already been completed. If that task is resource intensive, the result will be less-than-optimal server performance. For many businesses, such as e-commerce websites, this can have a significant impact on the bottom line.
At the risk of scaremongering (the Y2K bug springs to mind) a certain "leap second glitch" actually did do some damage. In July 2012, Reditt, Gawker, Mozilla and other large sites experienced technical problems and outages after a single second was removed from the world's atomic clocks. You can see that large corporations felt the loss of a single second and such issues of time sensitivity are not just the preserve of small businesses without the resources to roll out preventative measures in advance.
The NTP CommunitySo how does the Network Time Protocol propagate around the Internet? It harks back to a time when the Internet was a more trusted community. Without getting into too much technical detail consider that atomic clocks, commonly regarded as the most accurate (and relatively attainable) types of time pieces, sit at the top of a hierarchy, as shown in the image below.
The hierarchy functions initially by trust, or locality you might say. Stratum 0 is the next level down under the atomic clock and is usually a time server connected directly to that atomic clock. Then, controlled with some explicit firewalling rules, certain servers can ask Stratum 0 machines for the correct time.
So that there's never too much load on these machines, they selectively connect to trusted NTP servers underneath them (at least in terms of the hierarchy), called Stratum 1 servers and so on. By using this model, anyone with a computer on the Internet can connect to one or more (several are often used for reliability in case one NTP server fails) servers that have recently received an accurate time from an atomic clock.
Securing NTPMany businesses run their own time servers in the interest of security because clearly, wide and unwelcome disruption is possible if a key group of business servers are given the wrong time.
As a result, most modern implementations of NTP can be thoroughly secured to an impressive level, giving confidence to system and network administrators. There's little doubt, however, that some operations require even tighter security and cryptography, giving as close to a guarantee as possible that the server connecting to a precious, possibly load-sensitive, NTP server is correctly identified as being trusted. Further information on encrypting NTP exchanges can be found on the ntp.org site.
As a protocol that's used almost everywhere, NTP has a relatively good track record for security bugs, but anything used as widely as this protocol is always prone to exploits.