In information security, a fingerprinting algorithm uniquely identifies the hardware, software or data. Just as human fingerprints uniquely identify people for practical purposes. This fingerprint may be used in penetration tests or for vulnerability management.
Questions tagged [fingerprint]
108 questions
1
vote
1 answer
How could I know if a website is fingerprinting you via WebGL?
I would like to know if a website is fingerprinting me via WebGL,
first of all, knowing if the site is doing it
Knowing when they send the request to my browser
Knowing what value I am reporting to the site
Important thing to notice, in sites like…
The Dan
- 111
- 3
1
vote
2 answers
Browser fingerprint is unique while running a VM of a clean install of Windows 10
So I used Qemu on Ubuntu 20 to emulate a computer running windows 10. I kept all of Qemu default values. Then, while installing the Windows 10 iso, I kept all the default values once again. Finally, I went on :
https://amiunique.org/fp
And the site…
propre_poli
- 13
- 3
1
vote
2 answers
How to configure a VM to protect all my hardware fingerprint from guest OS and softwares?
This question was originally Does Firefox in VM have a common enough fingerprint so I don't need tor browser? in Tor community.
I want to know about what a web browser's fingerprint like in a VM, if
VM runs a common OS and have default system…
Bob Johnson
- 141
- 4
1
vote
1 answer
Can any of your recognisable personal information be linked to your device fingerprint?
I learned that a device probably has a device fingerprint to the eyes of a company that operates online. I'm not sure how this fingerprint is managed by its collectors, but it's plausible that it could be shared and spread between the companies…
user223275
1
vote
0 answers
How much entropy does Apple Touch ID sensor read fingerprint has?
Iphone uses by default 6-digit PIN that has an entropy of 19.93 bits
When iPhone processes the fingerprint, how much entropy does it have?
How long should standard passphrase be until it is as secure as touch id fingerprint?
Is there any research…
ccccc1cc
- 11
- 3
1
vote
2 answers
What can a 3rd party learn about a user through only CSS and images?
In its default settings, uMatrix content blocker allows CSS and images (JPG, PNG, etc) from all sources, unless denied by a site-specific block list. It also allows 1st party cookies, scripts, and multimedia.
How much can a 3rd party learn about a…
Foo Bar
- 367
- 2
- 11
1
vote
2 answers
Anonymity: standardization or randomization?
I wonder if it's better to standardize or randomize data for anonymity. For example, think of browser fingerprinting. If you standardize every parameter, you would have all browsers returning the same user-agent, the same installed fonts, the same…
reed
- 15,398
- 6
- 43
- 64
1
vote
1 answer
Banking app logon - multiple fingerprints on a device vs 2 passwords known by 1 person
Yesterday I logged on to my banking app via my iPhone. The normal procedure was to enter information that consisted of:
The answer to a security question. This had to be entered in full and was the same during each login.
Three characters from an…
Andrew
- 11
- 2
1
vote
0 answers
Reason for iOS and Android fingerprint behaviour
Both iOS and Android allow using a fingerprint sensor for logging in, and allow applications to store secrets that can only be unlocked using the fingerprint. Both allow one or more fingerprints to be stored, and allow adding or removing…
gnasher729
- 1,823
- 10
- 14
1
vote
2 answers
How secure is the fingerprint sensor in the Pixel 3?
As far as I understand different fingerprint scanners have different security levels. Old fingerprint print scanners could be fooled quite easily as the CCC (Chaos Computer Club) demonstrated.
How much can I trust the Fingerprint sensor in Google's…
Christian
- 1,876
- 1
- 14
- 23
1
vote
1 answer
When first connecting via SSH to my server, the reported fingerprint does not match that given to me when I generated the SSH key
When I used ssh-genkey on macOS to generate the pair of key files (one named with .pub), that tool reported a SHA256 hash as a public key fingerprint.
When first connecting to my server, a Digital Ocean droplet virtual server instance running…
Basil Bourque
- 137
- 6
1
vote
1 answer
Preventing OS fingerprinting
I am working on a project and I need to hide my Linux OS from nmap or other OS identification tools. I read many articles about TCP/IP stack and changed many properties such as TTL and packet size but it doesn't seem to work and it creates many…
aahmed khiar
- 13
- 3
1
vote
0 answers
IRC client with ability to verify server's self-signed cert fingerprint
I'm playing around with UnrealIRCd on CentOS. Just went through the config and compiling and got the ircd up and running.
When I go to connect to it via HexChat I can only get through by checking the box on HexChat that allows self-signed…
m0p3r
- 41
- 6
1
vote
0 answers
How can I fingerprint Yii framework version?
I am currently testing in a black box manner an application written in Yii framework.
How can I fingerprint Yii framework exact version? It's there a public file or function that I can use to perform such actions?
Thanks.
Lucian Nitescu
- 1,802
- 1
- 13
- 27
1
vote
0 answers
How to verify certificate fingerprint?
I downloaded Veracrypt and its sig file. I go ahead and import it into Kleopatra to verify it (using Windows gpg4win). Now i reach this step:
It asks me whether i have verified the fingerprint. How do i do that? I'm also a bit confused as to what…
KeyC0de
- 133
- 8