Tracking Internet Computers

[Jim Kuzdrall]

Greetings,

    An article today on CNET says "A doctoral student at the University 
of California has conclusively fingerprinted computer hardware 
remotely, allowing it to be tracked wherever it is on the Internet."

http://www.zdnet.com.au/news/security/0,2000061744,39183346,00.htm

    The explanation is:

    'The technique works by "exploiting small, microscopic deviations in 
device hardware: clock skews." In practice, Kohno's paper says, his 
techniques "exploit the fact that most modern TCP stacks implement the 
TCP timestamps option from RFC 1323 whereby, for performance purposes, 
each party in a TCP flow includes information about its perception of 
time in each outgoing packet. A fingerprinter can use the information 
contained within the TCP headers to estimate a device's clock skew and 
thereby fingerprint a physical device."'

     Of course, I don't mind the FBI or DOD tracking my computer's 
Internet presence to keep the US safe and to remind me if I 
inadvertently do something "Un-American".  But there are evil people 
out there who might wish to steal from me, force me to comply with 
their wishes against my will, or interfere with my ability to 
communicate with others.

     Could one add a random, zero averaged offset to the computer clock 
using hwclock?  The offset might be changed every hour, perhaps.  Would 
that alter the skew derived from the TCP stack? 

Jim Kuzdrall