Tor should warn users when traveling backwards through time

An attacker can do evil things by rewinding a user's clock, without having to own their machine (e.g., NTP attacks).

Tor maintains a monotonic clock to prevent rewinding attacks while Tor is running. Tor also keeps some persistent information about the user's time in the state file, in the LastWritten field.

On launch, if Tor sees that the system time has been rewound to before the LastWritten time, it should warn the user that something strange is happening. However, Tor should not update the monotonic clock or fail to launch, since the user may have changed the time deliberately.

Trac:
Username: hdevalence