IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [fingerprint]

In information security, a fingerprinting algorithm uniquely identifies the hardware, software or data. Just as human fingerprints uniquely identify people for practical purposes. This fingerprint may be used in penetration tests or for vulnerability management.

108 questions
8
votes
1 answer

Will two smartphones (identical hardware and software) generate the same canvas fingerprint?

When using Canvas Fingerprint (like on this website) to distinguish users, does two smartphones (same model, same OS version, and no browser/plugin customization) will share the same fingerprint?
Matthieu Charbonnier
  • 183
  • 4
7
votes
3 answers

What is the difference between the many identifiers in GnuPG?

GnuPG seems to have number of different ways to refer to a (sub)key(pair): Key IDs Fingerprints Keygrips Additionally, gpg --list-sigs seems to show hexadecimal identifiers for signatures and such as well. Sometimes such IDs are abbreviated. All…
jotik
  • 221
  • 1
  • 7
6
votes
2 answers

How secure is the new MacBook Pro's Touch ID?

I'm afraid that if I will lose my laptop while turned on, somebody might take the fingerprint off the screen or somewhere else and unlock my laptop with the fingerprint sensor. Is this a valid concern?
user34692
  • 61
  • 1
  • 2
5
votes
2 answers

Face ID vs Touch ID

While unveiling iPhone X, Apple made a statement to this end: With Touch ID, it stated that there was a 1 in 50,000 chance that someone would be able to open your phone with their fingerprint. These numbers were a little better for Face ID, at…
Kanchu
  • 155
  • 6
5
votes
2 answers

Check fingerprint for own self signed SSL certificate

I have generated my own SSL certificate for a web server on the internet, however this was for three reasons: Fun Not wanting to buy an SSL certificate Trying to get an A rating (excluding trust issues) on SSL Labs SSL Test. However, now that I've…
Gary
  • 165
  • 2
  • 6
5
votes
2 answers

Received UDP packet with IP ID of zero:

I am scanning a host in our network with Nexpose and one of the vulnerabilities reported is Received UDP packet with IP ID of zero: IPv4 SRC[10.0.0.5] TGT[127.0.0.1] TOS[192] TTL[64] Flags[40] Proto[17] ID[0] FragOff[0] HDR-LENGTH[20]…
LUser
  • 824
  • 6
  • 12
4
votes
2 answers

How to establish a random OTR remote party as a specific individual?

In reading Glenn Greenwald's 2014 book No place to hide, one thing stood out to me as a bit odd. Greenwald details how Edward Snowden was insistent that Greenwald install PGP in order to communicate securely, but Snowden then later (before PGP…
user
  • 7,670
  • 2
  • 30
  • 54
4
votes
2 answers

Is there a standard, storage algorithm or protocol for fingerprints?

What are the generic conventions and standards for storing and identifying biometric fingerprints out there? Are there some RFC documents for that? As a sub-question: suppose I want to preserve my own fingerprint on some digital media - is there a…
Reflection
  • 219
  • 2
  • 6
4
votes
1 answer

Effect of Firefox's "Responsive Design Mode" on the browser's fingerprint

Today I switched ON the "Responsive Design Mode" under the "Web Developer" Section of the Firefox menu, and from the dropdown menu selected "iPhone X/XS iOS 12". So now every webpage I visited was being sent the request that the screen size of my…
user
  • 275
  • 1
  • 5
4
votes
2 answers

Remmina RDP Certificate Fingerprint Changed

I've been using Remmina to connect to my RDP server across the internet. When I first connected to the server, I had to accept the certificate. I have not had to do that since the first time I connected. Now, after using this server for a long time,…
Doug
  • 41
  • 3
4
votes
4 answers

Could it be possible to hijack physical finger prints in digital form and use them to gain access to other devices and locations?

With more and more devices accepting finger prints in place of passwords, could it be possible to "keylog" these finger prints on mobile devices, for example, by installing a rogue application and then reproducing that finger print either digitally…
Jason
  • 3,086
  • 4
  • 20
  • 24
4
votes
0 answers

What encryption type does Windows Hello use for fingerprint information on Windows 10 latest build?

I've contacted Microsoft support and they said they don't support encryption, which is why I'm posting here. Basically, what I'm wondering is, if a modern laptop has TPM 2.0 enabled and hardware encryption enabled and then they want to use Windows…
Magnetox
  • 41
  • 2
4
votes
1 answer

SSH Server Authentication

I know this question was asked several times in several ways, for example: Can an SSH server fingerprint be spoofed? What stops an SSH server from MITMing logins? However, none provided the answer I was hoping to find (I think...). I'm working…
Lior Ohana
  • 143
  • 3
3
votes
2 answers

Browser fingerprints, theory or reality?

As you may or may not be aware, even when browsing "incognito", you can theoretically be tracked. Browsers have unique fingerprints, just like people do. Check this link to learn more. While I can easily see and understand the theory behind it,…
Keltari
  • 261
  • 2
  • 8
3
votes
1 answer

Is it safe to store and transmit fingerprint templates in ANSI or ISO formats in cleartext format?

I working on a setup where I'm getting users to scan their fingers for fingerprint at a local machine but, the templates are stored at a centralized server for efficiency reasons. Since the verification SDK resides at the local machine, the server…
Vineet Menon
  • 393
  • 3
  • 10
1
2
3 4 5 6 7 8