27 Jul
2016
27 Jul
'16
7:58 a.m.
One of these days, I saw a box whose system time was off by about a minute. No big deal in this case, but significantly smaller difference is a fingerprint of the machine: Alice is off by -0.58390128310s, etc. Getting very good approximation of system time from a browser is not very trivial, but likely writing something like NTP in javascript is doable. Read that tor browser bundle downgrades the clock resolution possibly for other reasons, but IIRC the resolution was enough for this purpose. Can this be used for cookie/deanonymization? Anyone already implemented it/wrote a paper? Quick web search didn't answer exactly this.