access:key_tamper_detection
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
access:key_tamper_detection [2011/02/14 18:56] mjallison |
access:key_tamper_detection [2012/10/10 16:20] (current) |
||
|---|---|---|---|
| Line 18: | Line 18: | ||
| Saved information should be stored in a non obvious manner. For instance, saving on a file store the file should, at least, be given an abstract name, not related to Licenses. The contents of the store will be hashed and signed versions of the parameter information. The save parameters may be readable with effort, but the signature uses a significantly strong encryption mechanism to prevent casual tampering (current thinking is to use SHA-512). | Saved information should be stored in a non obvious manner. For instance, saving on a file store the file should, at least, be given an abstract name, not related to Licenses. The contents of the store will be hashed and signed versions of the parameter information. The save parameters may be readable with effort, but the signature uses a significantly strong encryption mechanism to prevent casual tampering (current thinking is to use SHA-512). | ||
| ====== Parameters ====== | ====== Parameters ====== | ||
| + | Grabbing system parameters is highly platform dependent. The following platforms are musts for coverage: | ||
| + | * Windows XP and beyond - Custom code | ||
| + | * Android - /Proc file system like Linux | ||
| + | |||
| + | The following platforms are highly desireable: | ||
| + | * Linux - /proc file system like Android | ||
| + | * OS X - ? | ||
| + | |||
| + | Because the purpose of fingerprinting the system is make a checked out key non-transferable, the implementation of the fingerprint routines need not be platform independent. In fact, each platform may use a different set of parameters. | ||
| | **Parameter** | **Weight** | **Notes** | | | **Parameter** | **Weight** | **Notes** | | ||
| | Mac Address | 9 | Retrievable in Java 6, java.net.NetworkInterface | | | Mac Address | 9 | Retrievable in Java 6, java.net.NetworkInterface | | ||
| | EIN Number | 9 | http://stackoverflow.com/questions/2322234/how-to-find-serial-number-of-android-device | | | EIN Number | 9 | http://stackoverflow.com/questions/2322234/how-to-find-serial-number-of-android-device | | ||
| - | | Processor Info | 9 | # Processors, speed, model, "/proc/cpuinfo" Good on Linux & Android | | + | | Processor Info | 9 | # Processors, speed, model, "/proc/cpuinfo" Good on Linux & Android | |
| + | | | | Windows REG <html>\\HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\[0, 1, ...]</html> | | ||
| | Memory Size | 5 | /proc/meminfo on Linux & Android | | | Memory Size | 5 | /proc/meminfo on Linux & Android | | ||
| + | | | | Winds REG <html></html> | | ||
| | Disk partitions | 7 | /proc/partitions | | | Disk partitions | 7 | /proc/partitions | | ||
| | OS Version | 3 | /proc/version | | | OS Version | 3 | /proc/version | | ||
| - | | Sound card | 4 | /proc/asound/cards | | + | | | | Windows REG <html>HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProductId</html> | |
| + | | BIOS Version | 3 | Linux - N/A | | ||
| + | | | | Windows REG <html>HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion</html> | | ||
| | System Clock | 0 | Not used for system finger printing, check to make sure clock was not set back. | | | System Clock | 0 | Not used for system finger printing, check to make sure clock was not set back. | | ||
access/key_tamper_detection.1297709789.txt.gz · Last modified: 2012/10/10 16:20 (external edit)
Page Tools
