[Sigia-l] End of anonymity?
Listera
listera at rcn.com
Fri Mar 4 18:19:43 EST 2005
Peter Steiner's now-classic 1993 New Yorker cartoon "On the Internet nobody
knows you are a dog" has pretty much defined the scope of online anonymity.
Until now.
<http://www.unc.edu/depts/jomc/academics/dri/idog.html>
App designers have traditionally identified a user at the contact point with
their apps through passwords/cookies/server-side tokens/etc. While they
tracked a user through progression of links, the user could hide behind
passwords, NATs, firewalls, false identities, multiple IPs, etc., and remain
opaque to the trackers.
Well, University of California researchers think they have figured out how
to identify computer hardware remotely:
"We introduce the area of remote physical device fingerprinting, or
fingerprinting a physical device, as opposed to an operating system or
class of devices, remotely, and without the fingerprinted device's known
cooperation. We accomplish this goal by exploiting small, microscopic
deviations in device hardware: clock skews. Our techniques do not require
any modification to the fingerprinted devices. Our techniques report
consistent measurements when the measurer is thousands of miles, multiple
hops, and tens of milliseconds away from the fingerprinted device, and when
the fingerprinted device is connected to the Internet from different
locations and via different access technologies. Further, one can apply our
passive and semi-passive techniques when the fingerprinted device is behind
a NAT or firewall, and also when the device's system time is maintained via
NTP or SNTP. One can use our techniques to obtain information about whether
two devices on the Internet, possibly shifted in time or IP addresses, are
actually the same physical device. Example applications include: computer
forensics; tracking, with some probability, a physical device as it connects
to the Internet from different public access points; counting the number of
devices behind a NAT even when the devices use constant or random IP IDs;
remotely probing a block of addresses to determine if the addresses
correspond to virtual hosts, e.g., as part of a virtual honeynet; and
unanonymizing anonymized network traces."
<http://www.caida.org/outreach/papers/2005/fingerprinting/>
Scary?
Ziya
Nullius in Verba
More information about the Sigia-l
mailing list