Clock backdating

posted by | Leave a comment

The most secure is to check the time against an external reference e.g. If there is no network access, you can then use the local methods described above, of using local (hidden) files to keep track of the time on the system, so you can detect rollback.

By using more than one such file in more than one location, and having them cross-check each other, you can make this arbitrarily hard to rollback without detection (and you can always keep periodically trying to connect to the external server).

If you really want to enforce the date range, write the current time on each program execution to a separate digitially signed file, verifying that time always goes monotonically up.

You can also check your last recorded time against any files your application writes-then-reads.

If you want to post about a news story from the past, make sure you aren’t backdating it to before the story actually hit the news.

Using all three your license would run out after a year, a rollback or x hours runtime.

There are several levels of security you can apply, and if this is a major concern then you may want to use all of them.

For instance you can store the current time at a regular interval after checking that it did not rollback (when a rollback is detected, output a message with an encrypted code to pass on to you for relicensing so you know that that happened).

You can also keep a "counter" that is incremented every hour your program runs giving you another way to estimate the usage of your license.

Click on the link "Change date and time settings" if you are using Windows Vista or higher.

Leave a Reply

tokyo adult sex dating service websites