On Tue, Mar 15, 2005 at 08:14:25PM -0800, Stewart Stremler wrote: >begin quoting George Georgalis as of Tue, Mar 15, 2005 at 10:33:36PM -0500: >[snip] >> the subject "hardware fingerprinting" is no less contiguous then the >> thread. ...if you don't reset your ttl then they will really know it was >> you, the men in the black helicopters don't even have to unerase your >> disks to tell what you've been up to. > >Ah, I see. Since all data comes from the network and none of it of >any worth is created locally, they have an archive of all the bytes >you've downloaded anyway, and so they know what your system may look >like.
Yes, now the fire is burning... >With regards to the fingerprinting... it seems like a trivial thing >to fuzz the clock skew randomly, and so render the whole scheme useless. I don't see people skewing their clocks for anonymity any time soon. Besides isn't the test pretty short lived, your clock would have to be changed between test packets, it's not simply a matter of adding a sine wave slew method and changing the clock every hour. Though, I haven't taken the time to really read the article. >-Stewart "Need a cron syntax for 'random', I see." Stremler probably should do it with mon, so there is no concurrent time reset overlap. (Was it Barry G that came up with the aquarium based random number generator a few years back?) // George -- George Georgalis, systems architect, administrator Linux BSD IXOYE http://galis.org/george/ cell:646-331-2027 mailto:[EMAIL PROTECTED] -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
