GitLab

If a device relies on NTP (or any other unencrypted network time protocol), ISP or other party in the middle can manipulate unencrypted packages to set wrong time. Tor relies on correct time, so ISP can deny Tor usage any time it wants to. Moreover, attacker controlling the ISP (government or hackers compromising ISP's server) can manipulate time on tor-using device, assisting attacks that involve wrong time.

Embedded systems like routers have no real-time clock hardware and need to set time via network. PCs are often configured to synchronize time via NTP.

Tor should have other way to set the time it needs. It could set time from directory servers and known relays.

Trac:
Username: time_attacker