Page 1 of 1

Can Fingerprinters see my BIOS?

Posted: Sun Apr 01, 2018 1:41
by Mark212
If I visit your website, is it possible for you to view the stuff that's in the BIOS of my PC?
Like, for example, the "HDD Serial number" and/or the "System UUID" look like pretty unique identifiers.
IF you can see such items, then you wouldn't need to bother with anything else, like installed fonts, or Canvas tests.
Just wondering.

Re: Can Fingerprinters see my BIOS?

Posted: Sun Apr 01, 2018 15:48
by Ochnö
Makes sense for spear fishing,but not really for tracking ... cking.html ... ckhacking/ ... g-systems/

for a non high value target,too much effort

The same with this on mac os.
Nice chain :lol:

Impact: Processing a maliciously crafted webpage may result in the mounting of a disk image

Disk Images
Impact: Mounting a malicious disk image may result in the launching of an application

Impact: An application may be able to gain elevated privileges

Impact: A maliciously crafted application may be able to bypass code signing enforcement

they closed it with the last update...hopefully it's really closed ;)

Re: Can Fingerprinters see my BIOS?

Posted: Fri Apr 06, 2018 2:05
by Mark212
WOW. Thanks Very Much for the reply, Ochno.
I read completely all 4 of those links. VERY interesting stuff… especially the Schneier blog post.
So, if I understand correctly, the bottom line is…
Yes, somebody Could see details that are in my BIOS, but they probably wouldn't bother to do it?
Well, I can agree with that… ONLY when the websites use these "fingerprinting" tactics for marketing purposes.
The project that I'm working on involves using a bot to scrape data from a website that doesn't want me to scrape their data.
And this website/company has Lots of money to hire very high-tech programmers for any possible scenario.
Thus, the website probably Would consider going to certain lengths to stop me.

I don't understand why you mentioned the CoreTypes, Disk Images, CoreFoundation, and LaunchServices.
What's the relevance of those sentences? Do they apply only to Mac OS?
Maybe that's irrelevant here… I'm using Windows 7 SP1.

Thanks for the conversation.

Re: Can Fingerprinters see my BIOS?

Posted: Fri Apr 06, 2018 18:10
by Ochnö
1.Your question was general,so I added one example for MAC,because the"believers" always think they are absolutely safe :lol:
Was too lazy to look for something for the pinguin ;) Pretty sure someone can find something.

2.Again-not for advertising and selling things!
If a company does something like this and they get caught-they end up bankrupt and in prison for 25 years minimum!
THIS is 'blackhat"work from its finest!
So,who can do it,without ending in prison(if caught)-all agencies like NSA,CIA,FBI and so on.

3.Today every browser is so complicatet-in former times you could have build on that amount of code a whole OS-so there are holes by accident,but sadly also by purpouse.

It's nearly forgotten nowadays...never ever allow your browser the use of scripting,like JS,flash,JAVA and so on.
It got more tricky.because all browser are too much blown up with "features"wich makes them vulnarable.

btw. you got a credit\debit card?
you buy online?
you have a mortgage?

Answer one question with "yes"-"THEY"now already everything about you and more that you know about yourself ;)

Re: Can Fingerprinters see my BIOS?

Posted: Sat Apr 07, 2018 4:22
by Mark212
1. Yes, my original question was pretty General, and I understand that Real anonymity is (maybe?) Impossible.
What's "pinguin"? Or, are you referring to some Linux OS?
2. Say What?! Basically, a "company getting caught doing THIS is Blackhat / in Serious Trouble."
Are you referring to the Scraping that I want to do, or the Fingerprinting that they would do?
Regardless,… Either way, I wish to politely disagree...
Scraping; Many companies blatantly do it… even Google.
Fingerprinting; Many More companies do it, to determine who visits their website.
WHAT are you thinking is even close to Blackhat in this scenario?
BTW, I'm certainly Not wanting to scrape data From any of the feared 3-letter agencies.
3. I would VERY MUCH APPRECIATE our continuing this conversation via PM. Are you OK with that?
IF this project succeeds, your time and expertise could be well-rewarded.

Re: Can Fingerprinters see my BIOS?

Posted: Sun Apr 08, 2018 15:53
by Ochnö
Fingerprinting is !=getting in someones BIOS!
Getting into someones BIOS is done by cracking which is in the law computer sabotage.25 years or more(US),because law inforcement agencies will not make any difference if you are only hacking(no damage,no stealing)-they see it always as cracking

Fingerprinting=collecting data that differs a bit,or using cookies,tracking pics 1x1 pixels size and so on and loking where ist shows up again(very simple explanation).Then used with supercomputer to get a "picture"of this person.Something like facebook(Cambridge used it),google and other do.
Google right now offers an api which makes browsing faster-but(!)every request is going via google,so they get more data ;)
Sadly THIS still allowed by law...and NO goverment is interested or willing to change this!
WHAT are you thinking is even close to Blackhat in this scenario?
port scanning,pen testing,code injection in a request

a lot of companies threatend,or sued people which found out that the company had security problems with their server\webpage

even crawler some companies won't like ;) (if they find out) but this is a grey area. Can't tell what the law would say in your country

good luck with your project

over and out

Re: Can Fingerprinters see my BIOS?

Posted: Fri Apr 13, 2018 2:18
by Mark212
OK, Ochnö, I assume that your "over & out" means you do not want to continue the conversation.
I'll respect that, but IF you might change your mind on that, Please Do contact me.
Thanks for the info that you Did give.

Re: Can Fingerprinters see my BIOS?

Posted: Tue Jul 16, 2019 18:05
by beryfarnandas
To check your BIOS for biometric support and enable it: Press the Power button to start the computer, and press the F10 key to open the BIOS setup utility. Under System Configuration, look for a Biometric Device option; if it exists, enable it. Press F10 to save this setting and restart the computer.