Other means of tracking you online

5 posts / 0 new
Last post
Other means of tracking you online

[b]Other means of tracking you online[/b]

Race Is On to 'Fingerprint' Phones, PCs

IRVINE, Calif.—David Norris wants to collect the digital equivalent of fingerprints from every computer, cellphone and TV set-top box in the world.

He's off to a good start. So far, Mr. Norris's start-up company, BlueCava Inc., has identified 200 million devices. By the end of next year, BlueCava says it expects to have cataloged one billion of the world's estimated 10 billion devices.

Advertisers no longer want to just buy ads. They want to buy access to specific people. So, Mr. Norris is building a "credit bureau for devices" in which every computer or cellphone will have a "reputation" based on its user's online behavior, shopping habits and demographics. He plans to sell this information to advertisers willing to pay top dollar for granular data about people's interests and activities.

EFF: Forget cookies, your browser has fingerprints

Even without cookies, popular browsers such as Internet Explorer and Firefox give Web sites enough information to get a unique picture of their visitors about 94 percent of the time, according to research compiled over the past few months by the Electronic Frontier Foundation.

The research puts a quantitative assessment on something that security gurus have known about for years, said Peter Eckersley, the EFF senior staff technologist who did the research. He found that configuration information -- data on the type of browser, operating system, plugins, and even fonts installed can be compiled by Web sites to create a unique portrait of most visitors.

This means that most Internet users are a lot less anonymous than they believe, Eckersley said. "Even if you turn off cookies and you use a proxy to hide your IP address, you could still be tracked," he said.

Tracking PCs anywhere on the Net

Anonymous Internet access is now a thing of the past. A doctoral student at the University of California has conclusively fingerprinted computer hardware remotely, allowing it to be tracked wherever it is on the Internet.


The technique works by "exploiting small, microscopic deviations in device hardware: clock skews." In practice, Kohno's paper says, his techniques "exploit the fact that most modern TCP stacks implement the TCP timestamps option from RFC 1323 whereby, for performance purposes, each party in a TCP flow includes information about its perception of time in each outgoing packet. A fingerprinter can use the information contained within the TCP headers to estimate a device's clock skew and thereby fingerprint a physical device."


Each of the linked articles is worth reading in full.


Boom Boom Boom Boom's picture

A bit of thread drift (sorry...):

One of the panelists on the Bill Maher show (HBO) last night said: "Government wiretapping and mass email hacking goes back to the 1990s, and J. Edgar Hoover even before then had microphones under the desk in the Oval Office."


I didn't see a link to this (or I missed it). But here's the test:



I did miss it; it's on the second page.


Boom Boom!!!!!


radiorahim radiorahim's picture

In this video from the Chaos Computer Conference in 2011 the speakers explain the constant "cat and mouse" game that's played by the folks who are behind the "Tor Project" with governments and corporations.

In this environment, projects like the Freedom Box Project are more critical than ever.   Mind you, building the software stack to build devices that enable you to protect your privacy is quite a difficult task.   Bdale Garbee explains in this video at Linux Conf Australia 2012.