Forum Moderators: DixonJones
then somebody might say, cookies.. what about cookies? sure, cookies are great but they can also be removed from a user's computer very easily, which eradicates all your efforts to track their movements on your site..
SO.. what to do?.. my solution, or algorithmic starting point towards a solution, is a combination of all the above in conjunction with computer fingerprinting...
by tracking the movements of customers (by some ID) and corralating that with IP addresses and also individual computers, a clearer picture should emerge..
like i said.. this is in the algorithmic and experimental stages yet, but seems to be a pretty solid solution..
problem that remain.. mainly, a rock solid way to fingerprint the computer so that in the event the cookie is removed, it can easily be regenerated based on a unique computer hash..
my initial attempt is using User-Agent, Languages allowed and a couple of other values (experimental!)..
obviously, if it wasn't for layered networking protocols the accessibility of MAC addresses (although spoofable as well) would be useful...
anyone have any thoughts on computer/client/host location tracking, and/or ways to generate truly unique fingerprints using server side scripting?
what i am trying to accomplish is to find a method that produces a computer footprint, which can easily be used thereafter to regenerate the cookie or use server side tracking..
does anybody have any ideas on what parameters, accessible from a server side scripting launguage such as PHP/Python/Perl etc., that could be used to generate some (at least with high probability) unique footprint? an SHA1 hash on unique values could produce a, obviuously not unique, but good footprint vaule based on some distinguishing computer values.
does anybody have any ideas on what parameters, accessible from a server side scripting launguage such as PHP/Python/Perl etc., that could be used to generate some (at least with high probability) unique footprint? an SHA1 hash on unique values could produce a, obviuously not unique, but good footprint vaule based on some distinguishing computer values.
You might get lucky with a small subset of your users who keep the same parameters over a certain period of time (such as a user agent, language tags). However, I would not depend on any set of parameters being able to robustly map to some piece of hardware.
I read some time ago about a research group that attempted to generate footprints of physical computers based on their clock skew as seen through their TCP timestamps. However, this would require a lot more disk storage and cpu to process the TCP packet traces than is currently used for logs. It can also be easily disabled. There is more information at [caida.org...] (Moderators, please allow the link. I verified that it is still active.)
