科技回声

21 条评论

mpeg大约 8 年前

Guessing OS is pretty simple though, I recommend the book "Silence on the wire" [0] for a thorough explanation of passive network fingerprinting.TL;DR is that the each TCP stack has unique characteristics that are hard to spoof (you'd have to bypass the OS TCP stack and build your own that mimics another) and definitely out of reach for tools that run in sandboxed environments (like browser extensions)edit: Also, the author of that book, Michal Zalewski, made open source tool p0f [1] that implements some of those techniques to identify spoofed user agents.<pre><code> [0]: https://www.amazon.com/gp/product/1593270461 [1]: http://lcamtuf.coredump.cx/p0f3/</code></pre>

评论 #14203825 未加载

评论 #14208947 未加载

评论 #14207462 未加载

评论 #14202873 未加载

评论 #14207207 未加载

评论 #14202830 未加载

评论 #14202875 未加载

arnon大约 8 年前

I had a project I did for university a few years back, and we'd identify the browser or application just by looking at the timing information between packets (without looking at ports, source/destination, etc.).We could identify malware with around 85% accuracy, which was pretty good without any other marker.

评论 #14206679 未加载

评论 #14207694 未加载

lossolo大约 8 年前

Wrote my thesis about passive and active fingerprinting, it's very easy to do, most operating systems network stacks have different default values like window size, ttl etc. p0f[1] was pretty good back then.<a href="http://lcamtuf.coredump.cx/p0f3/" rel="nofollow">http://lcamtuf.coredump.cx/p0f3/</a>

dbg31415大约 8 年前

My fonts gave me away... Damn fonts, I need those for various design files I open. Any way to limit my browser's access to my system fonts?

评论 #14203795 未加载

Operyl大约 8 年前

"An error has occurred" while trying to fingerprint my browser in iOS, (not with the browser, but their toolset). Guess it failed to fingerprint me technically hah.

评论 #14202890 未加载

j_s大约 8 年前

Is lower-level fingerprinting enough to detect the difference between ARM / x86 linux?How far would I have to go to setup a truly legit honeypot on a Raspberry Pi? Is anyone already doing this? The following article doesn't get into userland IP stack:<a href="https://www.redpill-linpro.com/sysadvent/2016/12/19/raspberry-pi-honeynet.html" rel="nofollow">https://www.redpill-linpro.com/sysadvent/2016/12/19/raspberr...</a>

nightbrawler大约 8 年前

Previous Discussion: <a href="https://news.ycombinator.com/item?id=12198358" rel="nofollow">https://news.ycombinator.com/item?id=12198358</a>

dijit大约 8 年前

it guessed I had a variant of Linux, yet I'm running FreeBSD with no spoofing of any kind.(which is corroborated in both the user agent and the javascript uname sections)

评论 #14203350 未加载

评论 #14206067 未加载

michaelsbradley大约 8 年前

TorBrowser 7.0a3: indicates it's running on Windows, but my OS was fingerprinted as Linux. I'm actually running it on macOS.

评论 #14202940 未加载

Kipters大约 8 年前

It failed to recognize my browser as Edge, it thinks it's Firefox<a href="http://browserprint.info/view?source1=UUID&UUID1UUID=fa204a95-8046-441e-9e97-33a0eb6ddb80" rel="nofollow">http://browserprint.info/view?source1=UUID&UUID1UUID=fa204a9...</a>

评论 #14204448 未加载

kakarot大约 8 年前

I was a little concerned when it said I had a unique fingerprint out of the 25k tested so far, but then I remembered I'm spoofing a new user-agent every few minutes. It still managed to guess my true operating system of course :)

评论 #14203052 未加载

评论 #14207066 未加载

OJFord大约 8 年前

My randomised user-agent happened to tell it the truth, but browserprint 'detected' that I was instead using a different OS and browser.I'm also using a fingerprint-blocking plugin, which seems to be doing its job!

评论 #14206493 未加载

ArtDev大约 8 年前

Both Hulu and Netflix block Ubuntu, so this sucks for people like me who use Linux as their primary media OS.Hopefully this doesn't catch on or we have to find another way to spoof these sites.

nayuki大约 8 年前

Seems similar to Panopticlick which was released years ago: <a href="https://panopticlick.eff.org/" rel="nofollow">https://panopticlick.eff.org/</a>

评论 #14207172 未加载

joshdance大约 8 年前

What are the legitimate uses for fingerprinting?

评论 #14205341 未加载

评论 #14204114 未加载

评论 #14203394 未加载

评论 #14205395 未加载

评论 #14203672 未加载

评论 #14205128 未加载

评论 #14208671 未加载

floatboth大约 8 年前

Heh, my WebGL renderer "ANGLE (AMD Radeon (TM) RX 480 Direct3D11 vs_5_0 ps_5_0)" is unique. And character sizes o_0

lightedman大约 8 年前

Still hasn't guessed my MenuetOS box.

nayuki大约 8 年前

I keep failing the CAPTCHA. Why is this part designed so badly?

评论 #14207029 未加载

评论 #14211451 未加载

pweissbrod大约 8 年前

Apparently with firefox there is a request to enable flash (which i purposely dont install)I'm led to assume adobe flash is the piece which actually divulges all the secrets about my machine. Not surprising.

评论 #14203853 未加载

评论 #14203126 未加载

评论 #14203650 未加载

bradknowles大约 8 年前

Hmm. Doesn't seem to work on iOS. ;)

reneberlin大约 8 年前

damn, it doesn't work on lynx. should i update my browser?

21 条评论

mpeg大约 8 年前

评论 #14203825 未加载

评论 #14208947 未加载

评论 #14207462 未加载

评论 #14202873 未加载

评论 #14207207 未加载

评论 #14202830 未加载

评论 #14202875 未加载

arnon大约 8 年前

评论 #14206679 未加载

评论 #14207694 未加载

lossolo大约 8 年前

dbg31415大约 8 年前

My fonts gave me away... Damn fonts, I need those for various design files I open. Any way to limit my browser's access to my system fonts?

评论 #14203795 未加载

Operyl大约 8 年前

"An error has occurred" while trying to fingerprint my browser in iOS, (not with the browser, but their toolset). Guess it failed to fingerprint me technically hah.

评论 #14202890 未加载

j_s大约 8 年前

nightbrawler大约 8 年前

Previous Discussion: <a href="https://news.ycombinator.com/item?id=12198358" rel="nofollow">https://news.ycombinator.com/item?id=12198358</a>

dijit大约 8 年前

it guessed I had a variant of Linux, yet I'm running FreeBSD with no spoofing of any kind.(which is corroborated in both the user agent and the javascript uname sections)

评论 #14203350 未加载

评论 #14206067 未加载

michaelsbradley大约 8 年前

TorBrowser 7.0a3: indicates it's running on Windows, but my OS was fingerprinted as Linux. I'm actually running it on macOS.

评论 #14202940 未加载

Kipters大约 8 年前

评论 #14204448 未加载

kakarot大约 8 年前

评论 #14203052 未加载

评论 #14207066 未加载

OJFord大约 8 年前

评论 #14206493 未加载

ArtDev大约 8 年前

Both Hulu and Netflix block Ubuntu, so this sucks for people like me who use Linux as their primary media OS.Hopefully this doesn't catch on or we have to find another way to spoof these sites.

nayuki大约 8 年前

Seems similar to Panopticlick which was released years ago: <a href="https://panopticlick.eff.org/" rel="nofollow">https://panopticlick.eff.org/</a>

评论 #14207172 未加载

joshdance大约 8 年前

What are the legitimate uses for fingerprinting?

评论 #14205341 未加载

评论 #14204114 未加载

评论 #14203394 未加载

评论 #14205395 未加载

评论 #14203672 未加载

评论 #14205128 未加载

评论 #14208671 未加载

floatboth大约 8 年前

Heh, my WebGL renderer "ANGLE (AMD Radeon (TM) RX 480 Direct3D11 vs_5_0 ps_5_0)" is unique. And character sizes o_0

lightedman大约 8 年前

Still hasn't guessed my MenuetOS box.

nayuki大约 8 年前

I keep failing the CAPTCHA. Why is this part designed so badly?

评论 #14207029 未加载

评论 #14211451 未加载

pweissbrod大约 8 年前

评论 #14203853 未加载

评论 #14203126 未加载

评论 #14203650 未加载

bradknowles大约 8 年前

Hmm. Doesn't seem to work on iOS. ;)

reneberlin大约 8 年前

damn, it doesn't work on lynx. should i update my browser?

Browserprint: Browser fingerprint tool now can guess client OS even when spoofed

21 条评论

Browserprint: Browser fingerprint tool now can guess client OS even when spoofed

21 条评论