It is now possible to track and identify a computer anywhere it goes on the Internet by using its clock skew as a method for fingerprinting it. Clock skew is what a computer thinks the time is as compared to other time-keeping with which it is interfacing. And when measured against other quantifiable processes when the computer is connected to the Internet, it can apparently provide a reliable fingerprint, unique and allowing it to be tracked across the Internet. Voila. The clock skew fingerprint.
The clock skew fingerprint is based on the work of University of California graduate student Tadayoshi Kohno, who explains that clock skew fingerprinting works by taking advantage of the fact that typically “each party in a TCP flow includes information about its perception of time in each outgoing packet. A fingerprinter can use the information contained within the TCP headers to estimate a device’s clock skew and thereby fingerprint a physical device.”
This, by the way, is all done without the knowledge or any cooperation from the owner of the Internet-connected device being tracked and fingerprinted by its clock skew. Says Kohno, “For all our methods, we stress that the fingerprinter does not require any modification to or cooperation from the fingerprintee.” Even more impressive when you consider that they have successfully used clock skew fingerprints to track devices using just about every popular operating system, including Windows, OS X, Linux, FreeBSD, and even Pocket PCs.
|Get notified of new Internet Patrol articles for free!
|Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Did we say “impressive”? Or..maybe..scary? Says Kohno of his clock skew fingerprints “our technique can be mountable by adversaries thousands of miles and multiple hops away.” And without the clock skew fingerprintee’s knowledge that they and their computer are being tracked.
“One could also use our techniques to help track laptops as they move, perhaps as part of a Carnivore-like project”. An example, says Kohno, is that one can use clock skew fingerprints “to argue whether a given laptop was connected to the Internet from a given access location”.
Actually the abstract from Kohno’s thesis summarizes it pretty well:
“We accomplish this goal by exploiting small, microscopic deviations in device hardware: clock skews. Our techniques do not require any modification to the fingerprinted devices. Our techniques report consistent measurements when the measurer is thousands of miles, multiple hops, and tens of milliseconds away from the fingerprinted device, and when the fingerprinted device is connected to the Internet from different locations and via different access technologies. Further, one can apply our passive and semi-passive techniques when the fingerprinted device is behind a NAT or firewall, and also when the device’s system time is maintained via NTP or SNTP”
We will control the horizontal. We will control the vertical.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!