Language Selection

English French German Italian Portuguese Spanish

Y2038 bug may hit Unix, Linux machines

Filed under
Linux

After the Millennium bug for which several billions of dollars were committed for research and updations in computer systems the world over, there is yet another bug on the horizon. It is the Year 2038 bug that is slated to hit computer users in that year.

To be precise, on Tuesday, January 19 03:14:07 2038, machines prone to this bug will alter calendars to go back to Friday, December 13 20:45:52 1901.

Computer programmers predict that this can result in incorrect and wildly inaccurate dates being reported by the operating system and applications. It is likely to cause serious problems on many platforms, especially Unix and Unix-like and Linux platforms, because these systems will "run out of time". They are reluctant to predict the extent of the damage.

What is special about this date? It is explained that Unix and similar operating systems do not calculate time based on the Gregorian calendar. Instead, they are known to simply count time in seconds from their arbitrary "birthday", that is, GMT 00:00:00, Thursday, January 1, 1970. The accepted practice among software programmers is to use a 32-bit variable for this number (32-bit signed time_t). The largest possible value for the end integer in this calculation is 2**31-1 = 2,147,483,647. So, 2,147,483,647 seconds after Unix's birthday falls on Tuesday, January 19, 2038. And one second later, theoretically Unix systems will revert to their birth date (like an odometer switching back from 999999 to 000000).

Experts are of the opinion that Linux users will be the hardest hit, because of the wider acceptance of this OS for its security and cost features. They are feared to grind to a virtual halt or go into a loop. This Linux's own Y2K nightmare can be more damaging than the Y2K bug, because the latter basically involved applications while the 2038 bug affects the time-keeping function itself.

Linux gurus are apprehensive about the bug's impact on the embedded field, where software does not get replaced frequently. As such, major telecom gadgets and equipment will be greatly affected. However, one ray of hope is that the 32-bit processing can be replaced thus overcoming the impact of the bug -- definitely before 2038.

But, the optimism must end there. The bug can have severe impact on records created today with calculations going beyond 2038, like insurance policies. There could be error messages splashing on Unix and Linux screens then. And Linux is getting to be the popular operating system these days.

Experts say one and sure-short way to overcome the problem is to switch over to 64-bit or longer time_t data storage. Some of the existing 32-bit codes can be changed and the programs recompiled. However, all these are not very easy tasks.

Source.

Gone

I'll be dead by then so I'm not worried.

me too

that's what I was thinking... or at least so old I won't care... Tongue

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Schedutil CPU Frequency Scaling Governor Improvements Coming To Linux 4.18

Adding to the list of changes coming to Linux 4.18 are updates to CPUFreq's "Schedutil" CPU frequency scaling governor. Schedutil is the newest CPUFreq governor introduced back during Linux 4.7 as an alternative to ondemand, performance, and others. What makes Schedutil different and interesting is that it makes use of CPU scheduler utilization data for its decisions about CPU frequency control. Read more

Security: Updates, Kernel Mitigation (CPU Flaws) and FBI

  • Security updates for Wednesday
  • ARM64 Mitigation Posted For Spectre 4 / SSBD
    Following the Intel/AMD Spectre Variant 4 mitigation landing yesterday with "Speculative Store Bypass Disable" (SSBD) and then the POWER CPU mitigation landing today, ARM developers have posted their set of patches for 64-bit ARM CPUs to mitigate against this latest Spectre vulnerability around speculative execution.
  • Linux 4.9, 4.14, 4.16 Point Releases Bring SSBD For Spectre V4
    Greg Kroah-Hartman has today released the Linux 4.9.102, 4.14.43, and 4.16.11 kernels. Most notable about these stable release updates is Spectre Variant Four mitigation. Today's 4.9/4.14/4.16 point releases carry the Intel/AMD mitigation for Spectre V4 albeit the Intel support is dependent upon to-be-released microcode updates and is vulnerable by default while for AMD processors there is SSB disabled via prctl and seccomp.
  • An Initial Look At Spectre V4 "Speculative Store Bypass" With AMD On Linux
    Yesterday the latest Spectre vulnerability was disclosed as Spectre Variant 4 also known as "Speculative Store Bypass" as well as the less talked about Spectre Variant 3A "Rogue System Register Read". Here are my initial tests of a patched Linux kernel on AMD hardware for Spectre V4. Landing yesterday into Linux 4.17 Git was Speculative Store Bypass Disable (SSBD) as the Linux-based mitigation on Intel/AMD x86 CPUs. Since then has also been the POWER CPU SSBD implementation and pending patches for ARM64 CPUs.
  • Exclusive: FBI Seizes Control of Russian Botnet
    FBI agents armed with a court order have seized control of a key server in the Kremlin’s global botnet of 500,000 hacked routers, The Daily Beast has learned. The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow’s ability to reinfect its targets. The FBI counter-operation goes after “VPN Filter,” a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.

Containers & Events

  • Video: Containers Should Contain... Right?
    Here's a presentation video from the very recent OpenStack Summit Vancouver 2018. The topic repeats what Dan Walsh was saying a couple of years ago. Again, this is talking about application containers using traditional kernel features like namespaces and cgroups... because as we all know, in the Linux kernel, containers are NOT a REAL thing. Just to be clear, OpenVZ... which is a mature out-of-tree patch for system containers that has been around and maintained for well over 13 years... does contain... but the hype is all around application containers like Docker and its work-alikes.
  • Updates in container isolation
    At KubeCon + CloudNativeCon Europe 2018, several talks explored the topic of container isolation and security. The last year saw the release of Kata Containers which, combined with the CRI-O project, provided strong isolation guarantees for containers using a hypervisor. During the conference, Google released its own hypervisor called gVisor, adding yet another possible solution for this problem. Those new developments prompted the community to work on integrating the concept of "secure containers" (or "sandboxed containers") deeper into Kubernetes. This work is now coming to fruition; it prompts us to look again at how Kubernetes tries to keep the bad guys from wreaking havoc once they break into a container.
  • Autoscaling for Kubernetes workloads
    Technologies like containers, clusters, and Kubernetes offer the prospect of rapidly scaling the available computing resources to match variable demands placed on the system. Actually implementing that scaling can be a challenge, though. During KubeCon + CloudNativeCon Europe 2018, Frederic Branczyk from CoreOS (now part of Red Hat) held a packed session to introduce a standard and officially recommended way to scale workloads automatically in Kubernetes clusters. Kubernetes has had an autoscaler since the early days, but only recently did the community implement a more flexible and extensible mechanism to make decisions on when to add more resources to fulfill workload requirements. The new API integrates not only the Prometheus project, which is popular in Kubernetes deployments, but also any arbitrary monitoring system that implements the standardized APIs.
  • An introduction to MQTT
    A few years ago, I was asked to put temperature monitoring in a customer's server room and to integrate it with their existing monitoring and notification software. We ended up buying a rack-mountable temperature monitor, for nearly £200, that ran its own web server for propagating temperature data. Although the device ostensibly published data in XML, that turned out to be so painful to parse that we ended up screen-scraping the human-readable web pages to get the data. Temperature sensors are fairly cheap, but by the time you've wrapped them in a case with a power supply, an Ethernet port, a web server, enough of an OS to drive the above, and volatile and non-volatile storage for the same, they get expensive. I was sure that somewhere there must be physically-lightweight sensors with simple power, simple networking, and a lightweight protocol that allowed them to squirt their data down the network with a minimum of overhead. So my interest was piqued when Jan-Piet Mens spoke at FLOSS UK's Spring Conference on "Small Things for Monitoring". Once he started passing working demonstration systems around the room without interrupting the demonstration, it was clear that this was what I'd been looking for.

Ubuntu: Ubuntu Unleashed, Technical Board, 'Edge', Xubuntu and More

  • Ubuntu Unleashed 2019 and other books presale discount
  • Call for nominations for the Technical Board
    The current 2-year term of the Technical Board is over, and it’s time for electing a new one. For the next two weeks (until 6 June 2018) we are collecting nominations, then our SABDFL will shortlist the candidates and confirm their candidacy with them, and finally the shortlist will be put to a vote by ~ubuntu-dev. Anyone from the Ubuntu community can nominate someone.
  • Decreasing the complexity of IoT adoption with Edge as a Service model
    Last week, much of the IoT industry descended on Santa Clara, California, for the annual IoT World trade show. One of the exhibitors present were Rigado who Canonical partnered with earlier this year to deploy Ubuntu Core on their IoT gateways primarily targeted at commercial applications such as smart lighting and asset tracking. Rigado used IoT World as an opportunity to discuss the launch of Cascade, their new ‘Edge as a Service’ proposition, for commercial IoT. Cascade, which is offered as a simple monthly subscription, enables companies to focus on their business and what generates revenue rather than expending effort and resource dedicated to managing the infrastructure behind it. With many organisations looking at ways they can benefit from adopting IoT while removing perceived barriers, Cascade offers a low-risk, low-cost entry which in turn enables project teams to benefit from reduced development, support and no upfront hardware costs. The end result is a quicker path to IoT deployment and resulting ROI.
  • Xubuntu: New Wiki pages for Testers
    During the last few weeks of the 18.04 (Bionic Beaver) cycle, we had 2 people drop by in our development channel trying to respond to the call for testers from the Development and QA Teams. It quickly became apparent to me that I was having to repeat myself in order to make it “basic” enough for someone who had never tested for us, to understand what I was trying to put across. After pointing to the various resources we have, and other flavours use – it transpired that they both would have preferred something a bit easier to start with. So I asked them to write it for us all.
  • How to install Ubuntu Server 18.04
  • How To Install Firefox Beta in Ubuntu & Linux Mint