Clock skew is the new TCP flag

The surprise in my eyes when I read through the papers about how “clock skew” can be used to fingerprint and identify hidden servers, was similar to the surprise I had when I read about nmap and OS fingerprinting the first time ( 2001 ? ). An eye opener in many ways.

It reminded me of Dan Brown’s book, “Angels and Demons”, where they were on a hunt for the hidden “anti-matter particle” container. If the server broadcasting the image was on the internet, they could have flipped airconditioning ( in addition to lights) across the city to detect “clock skew” and narrow down to which part of the city it could have been.

If you have more interesting papers/links/tools to share please let me a comment