At 11:01 03/16/2005 -0500, George Georgalis wrote: >On Tue, Mar 15, 2005 at 08:14:25PM -0800, Stewart Stremler wrote: >>begin quoting George Georgalis as of Tue, Mar 15, 2005 at 10:33:36PM -0500: >>[snip] >>> the subject "hardware fingerprinting" is no less contiguous then the >>> thread. ...if you don't reset your ttl then they will really know it was >>> you, the men in the black helicopters don't even have to unerase your >>> disks to tell what you've been up to. >> >>Ah, I see. Since all data comes from the network and none of it of >>any worth is created locally, they have an archive of all the bytes >>you've downloaded anyway, and so they know what your system may look >>like. > >Yes, now the fire is burning... > >>With regards to the fingerprinting... it seems like a trivial thing >>to fuzz the clock skew randomly, and so render the whole scheme useless. > >I don't see people skewing their clocks for anonymity any time soon. >Besides isn't the test pretty short lived, your clock would have to >be changed between test packets, it's not simply a matter of adding >a sine wave slew method and changing the clock every hour. Though, I >haven't taken the time to really read the article.
You may already have some degree of clock randomness and not even know it. One of the methods used to reduce EMI (ElectroMagnetic Interference) is to use a variable clock rate to achieve spread-spectrum operation. This reduces the single frequency harmonic strength and allows the equipment to pass the FCC test for emissions. It doesn't carry over to the peripheral clocks yet that I know of but it is on newer motherboards already for RAM and CPU clocks. >>-Stewart "Need a cron syntax for 'random', I see." Stremler > >probably should do it with mon, so there is no concurrent time reset >overlap. > >(Was it Barry G that came up with the aquarium based random number >generator a few years back?) Sounds interesting. What was the source of the random numbers? An optical sensor on the bubbles from the aerator or a microphone? Sonic emmisions aren't as random as you might think. Just ask carl. Gus "Hunting Red October" Wirth -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
