In information security, a fingerprinting algorithm uniquely identifies the hardware, software or data. Just as human fingerprints uniquely identify people for practical purposes. This fingerprint may be used in penetration tests or for vulnerability management.
Questions tagged [fingerprint]
108 questions
3
votes
3 answers
Making transactions only, or almost only, by QR codes
I have a OnePlus 6 smartphone and I recently opened a bank account in a bank which seems to me very innovative in the context going payment card (debit/credit) free (using only application and/or cash).
It will not necessarily be my main bank…
user123574
3
votes
1 answer
How can websites know that I accessed them before if I use a VM and different IP?
I created a virtual machine with a clean Windows install on it. On that PC I create a virtual switch and I link it to one of my Wi-Fi boards. I disable IPv4 and IPv6 on that connection so I am not able to connect to the internet from the main PC,…
user203516
- 41
- 3
3
votes
1 answer
Is there a way to find out what information website queries about us?
What tool or software should I look for to find out what "fingerprinting" data
a website is tracking?
Like, I want to know, if website looks for a cache and/or fonts installed in system, or Canval, WebGL methods. There was a great project doing…
Anton
- 141
- 1
3
votes
1 answer
Will disabling WebGL make me more or less unique on the internet?
I have wondered whether disabling WebGL will make me more or less unique, I fiddled around with https://panopticlick.eff.org/ to see what would happen.
If I keep it enabled I am 1/205.66, with me being 1/465611.25 browsers visiting. However, if I…
no nein
- 131
- 4
3
votes
1 answer
Self-signed certs on LAN shared with others
My WiFi is shared with my family, and my siblings have friends come over sharing the WiFi password carelessly. Anyone of those guests could have a rogue device and not even know it.
My brother has his own PC and I'm concerned about my brother's…
m0p3r
- 41
- 6
3
votes
0 answers
How does biometric authentication work from a technical perspective?
Together with a colleague, we discussed the way of biometric authentication and how this works out.
Both of us are only interested in security but far from being an expert on the technical side. Therefore, we are reaching out to you.
The following…
Alex
- 31
- 1
3
votes
1 answer
Google's Certificate Fingerprint doesn't match with the Fingerprints in the Chrome's "net-internals" configurations
As you may know, you can query chrome's HSTS/PKP sets for a domain in the page chrome://net-internals as below:
As you see above, there are four SHA256 hash values (in the middle of page and in base64 format) for www.google.com.
If we convert those…
Ebrahim Ghasemi
- 264
- 2
- 10
3
votes
1 answer
Combating Networks of Forged OpenPGP Keys on Public Keyservers
I recently noticed that someone has created an elaborate forgery of my OpenPGP key. Specifically, they orchestrated a short key (32-bit) fingerprint collision, and also forged additional keys to match those that signed my original identity (also…
afourney
- 419
- 3
- 11
3
votes
2 answers
Will the OpenPGP key fingerprint change if the certificate is extended?
Should the fingerprint of a renewed (extended) OpenPGP Key be the same? Is there any documentation on it (RFC)?
Quoting from RFC 4880:
There are many ways possible for two keys to have the same key
material, but different fingerprints (and thus Key…
cyzczy
- 1,518
- 5
- 21
- 34
3
votes
2 answers
Accuracy of Iris Biometric Authentication
I understand that the iris is the most accurate biometric modality since it has a false acceptance rate of about 1 in 1,000,000. Fingerprint on the other had is about 1 in 1000.
These error rates seem too high in my opinion. If a fingerprint system…
Minaj
- 1,536
- 2
- 14
- 23
3
votes
1 answer
What are the NIST/FBI requirements for Fingerprint readers, and Iris scans?
Background
I'm trying to locate the US government standard for fingerprint readers and mobile devices.
I heard in passing that the iOS fingerprint reader only scans 9 points, where the FBI requirement is 30 points.
The iris scan is reportedly…
makerofthings7
- 50,090
- 54
- 250
- 536
3
votes
1 answer
Is there value in slowing down retries on a fingerprint lock?
My phone has a fingerprint lock and it sometimes fails to identify my fingerprint (for example, if it wasn't positioned correctly).
If I fail fingerprint identification 5 times in a row, I'm locked out for 30 seconds. This is very annoying for the…
ColBeseder
- 320
- 3
- 11
3
votes
0 answers
Local sockets: does SSL add security?
Situation
We have a Windows Service that is listening on a TCP port. This service is responsible for capturing a user's fingerprint using the Windows Biometric Framework, when requested to do so by a client. It then sends the image through the…
Michael
- 5,393
- 2
- 32
- 57
3
votes
2 answers
How do I know a new host key is safe to accept?
I am frequently rebuilding servers for staging and development. I connect to them with SSH for provisioning.
In the process, I'll destroy a VM, rebuild it, and provision it all over again with the new scripting.
One small issue I have is that my…
shanemgrey
- 153
- 5
2
votes
1 answer
User-friendly TLS certificate validation
I'm designing an application in which clients generate their own TLS certificates ad-hoc (there's no central authority).
When two clients interact for a first time, I need for them to mutually check their peers' certificate. I know that fingerprints…
WhyNotHugo
- 208
- 1
- 9