Posts

Showing posts from April 10, 2011

Clock skew is the new TCP flag

The surprise in my eyes when I read through the papers about how "clock skew" can be used to fingerprint and identify hidden servers, was similar to the surprise I had when I read about nmap and OS fingerprinting the first time ( 2001 ? ). An eye opener in many ways. It reminded me of Dan Brown's book, "Angels and Demons", where they were on a hunt for the hidden "anti-matter particle" container. If the server broadcasting the image was on the internet, they could have flipped airconditioning ( in addition to lights) across the city to detect "clock skew" and narrow down to which part of the city it could have been. http://www.schneier. com/blog/archives/20 11/04/pinpointing_a_ c.html http://www.schneier. com/blog/archives/20 05/03/remote_physica l.html   http://www.caida.org /publications/papers /2005/fingerprinting /KohnoBroidoClaffy05 -devicefingerprintin g.pdf   http://www.hackitoer gosum.org/2010/HES20 10-rlifchitz-Fingerp rinting-hardwa