Per topic title, how and/or where and/or when was this set?
I’ve brought this Photon online completely independent of the Particle Cloud using the CLI, yet all my epoch time stamps are on the money. Does this get set when flashed via USB or other during other CLI operations?
UPDATE
Time persists correctly across power cycling, indicating it’s not being sync’d by the CLI? 
What do you mean by this? What commands did you issue to bring it online. What code are you running?
@Ric -
I’ve brought a Photon online with the following CLI operations:
Firmware Update using > particle update
Set WiFi credentials using > particle serial wifi
Flash USER Firmware > particle flash --usb firmware.bin
I’m pumping payload direct to AWS IoT, and running a local serial debugger/logger. The epoch times I capture in my payload are correct, yet I’ve not connected to any Particle Cloud services or time server. I’m using the WolfSSL client, so my hunch is there’s something in that library that’s instantiating the time.
Which SYSTEM_MODE are you using, Manual, Semi-manual, or Automatic.
Default of Automatic… I haven’t claimed this Photon device either… it’s not in my Device list and it’s straight out of the package earlier today. It’s breathing cyan which is a bit of a head scratch?
Using Automatic mode means that it will connect to the cloud automatically, whether you use any of its services or not (breathing cyan means it’s connected to the cloud). The device syncs time when it first connects to the cloud.
So ET did phone home even if it’s unclaimed… I knew that automatic performed particle.connect(), but I didn’t realize that it connects even when not claimed.
That splain’s it… ty @Ric
This suggests that one can still leverage clock sync with the Particle Cloud even though the device is unclaimed?
Claiming status is irrelevant for the fact whether a device can connect to its “parents” or not. After all in order to be claimed the device needs to get in contact with the cloud to receive the claim code to link your account to the particular device - if it couldn’t connect you couldn’t claim it.
But leaving the device unclaimed may open a door to hijack it for others 
Makes sense @ScruffR, and I hadn’t put 2 and 2 together in this way until I’d gone through all the offline steps of setup. Now having done so this has all became clear.
Regarding your “hijack” comment, I can see virtue in disabling OTA if I’m trying to plug holes. Where else might there be vulnerabilities for “unclaimed” Photons?