Device fingerprinting using clock skew

This is a cute hack — these guys are able to “fingerprint” a networked device just by looking at how quickly its clock loses or gains time compared to the true time (its clock skew).

Example applications include: computer forensics; tracking, with some probability, a physical device as it connects to the Internet from different public access points; counting the number of devices behind a NAT even when the devices use constant or random IP IDs; remotely probing a block of addresses to determine if the addresses correspond to virtual hosts, e.g., as part of a virtual honeynet; and unanonymizing anonymized network traces.

Link by way of Mitch Kapor, who unlike me isn’t so enamored by the elegance of their technique to ignore the obvious security and privacy implications.