70
edits
Security/Anonymous Browsing: Difference between revisions
→Clock Delta+Precision
| Line 123: | Line 123: | ||
==Clock Delta+Precision== | ==Clock Delta+Precision== | ||
The Date object currently provides millisecond accuracy. This accuracy can be | |||
used as an identifier based on clock skew, or can be used to accurately measure | |||
user behaviours for use in fingerprinting. | |||
At least two companies claim to use this accuracy to fingerprint users when | |||
other methods fail: | |||
http://arstechnica.com/tech-policy/news/2010/02/firm-uses-typing-cadence-to-finger-unauthorized-users.ars | |||
One possibility might be to quantize Date values to the second, and then add random, monotonically increasing amounts of milliseconds to subsequent calls during anonymous browsing mode, along with a random per-page or per-origin offset. | |||
==Screen Resolution and Properties== | ==Screen Resolution and Properties== | ||