The integrity of system timestamps are extremely important for fraud detection by keeping track of precisely when financial transactions and other changes occur. By resettingtampering with the system clock it is possible to misrepresent sequences of events.<ref>{{cncite web|last1=Vanini|first1=Céline |last2=Hargreave|first2=Christopher |last3=van Beek|first3=Harm |last4=Breinger|first4=Frank | title=Was the clock correct? Exploring timestamp interpretation through time anchors for digital forensic event reconstruction |publication-date=April July 2024| access-date=May 2, 2025| publisher=Elsevier |url=https://www.sciencedirect.com/science/article/pii/S2666281724000787| doi=10.1016/j.fsidi.2024.301759}}</ref> With that in mind both [[Berkeley Software Distribution| BSD]] and [[GNU]] based Unix systems log both the before and after times when the clock is reset, including by the date command, in the [[utmp]] file.<ref>{{cite web| author=<!-- not stated --> | url=https://www.unix.com/man_page/bsd/5/utmp/https://www.unix.com/man_page/bsd/5/utmp/ | title=bsd man page for utmp| publisher=Unix Linux Community| website=community.unix.com | date=Nov 27, 1996 | access-date=April 27, 2025 }}</ref><ref> {{cite web | author=<!-- not stated --> | editor-last=Kerrisk| editor-first=Michael |url=https://man7.org/linux/man-pages/man5/utmp.5.html |website=man7.org | title=utmp(5) — Linux manual page |date=2024-09-01|___location= |publisher= |access-date=April 27, 2025}}</ref>
