Greetings, An article today on CNET says "A doctoral student at the University of California has conclusively fingerprinted computer hardware remotely, allowing it to be tracked wherever it is on the Internet."
http://www.zdnet.com.au/news/security/0,2000061744,39183346,00.htm The explanation is: 'The technique works by "exploiting small, microscopic deviations in device hardware: clock skews." In practice, Kohno's paper says, his techniques "exploit the fact that most modern TCP stacks implement the TCP timestamps option from RFC 1323 whereby, for performance purposes, each party in a TCP flow includes information about its perception of time in each outgoing packet. A fingerprinter can use the information contained within the TCP headers to estimate a device's clock skew and thereby fingerprint a physical device."' Of course, I don't mind the FBI or DOD tracking my computer's Internet presence to keep the US safe and to remind me if I inadvertently do something "Un-American". But there are evil people out there who might wish to steal from me, force me to comply with their wishes against my will, or interfere with my ability to communicate with others. Could one add a random, zero averaged offset to the computer clock using hwclock? The offset might be changed every hour, perhaps. Would that alter the skew derived from the TCP stack? Jim Kuzdrall _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss