gregbo (gregbo) wrote,
gregbo
gregbo

  • Mood:

remote physical device fingerprinting

An article on c|net reports some research done at UCSD and CAIDA that they (c|net) claim has the potential to identify physical computers by their clock skew, even if they are behind network address translation devices or firewalls. The techniques are based on analyzing the timestamps that are put into TCP packets.

I have only read about a third of the paper, but so far, I think this has limited utility. Above all else, TCP does not require timestamps to operate, so anyone who cares about anonymity will just disable the feature, or use computers without the feature. Perhaps in the short term, this sort of thing might be useful for identifying spammers who have a long history of contacting certain sites, but only until they disable TCP timestamps.

BTW, score one for Google on this. I did a query for

+kohno +tcp +fingerprinting

at Ask Jeeves, Google, and Yahoo hoping to find the mailing list where this had been mentioned. Google provided NANOG as the first result. The other two didn't mention NANOG (at least in the first couple of results pages). Ask Jeeves had a sponsored link that was highly irrelevant (imho), losing them a point with me as far as using them for future results. (Interesting that they recently won a syndicated search contract to serve search results to Lycos once held by Yahoo. Granted, this is an unusual query.) There was no followup discussion to the post, reinforcing my feelings that this research isn't likely to go very far.

Still no French. Since this sort of thing is potentially important to my career (at least as far as understanding how something like this works, even if it has limited utility), such as it is, I must spend extra time on it. Oh well. C'est la vie.
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment