• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

Info that can be obtained to "finger print" users to keep them unique?

I come to you today with a unqiue issue.

We have a web application that people access, they need to go to our website first to download the application.

We want to do specific promotions however we do not want people abusing it by using the same computer for example to sign up multiple times.

I know that alot of info can only be obtained with active x and java and user prompts.

What data can be obtained with out needing admin local rights to pull user data?

Harddrive serial number?
CPU ID's ?

I know that OS and screen res and such can be had, but this can be changed, looking for things a little more unique to the users system.

Any help is appreciated
0
Mathiau
Asked:
Mathiau
3 Solutions
 
msifoxCommented:
You cannot really prevent it reliably.
That said, flash cookies are more difficult to get rid of than http cookies, so that's often used. And/or you could enforce people providing correct email addresses. Some people may have two or three, but most cannot quickly come up with many more, and it's time consuming to generate really lots of them.
Also your application could hide info in registry, %CommonProgramFiles% and other places.
0
 
MathiauAuthor Commented:
Ya, that is what i had assumed, we plan to use both types of cookies where possible, the people who use are app, there are some who will get creative, so i wanted to see how much more info we could get that is basically "open" with out prompting the user to allow something to run.

Once our application is installed we do gather other info to create a uniqueID, but we wanted to see if we could implement a system prior to them even downloading our software to get as many points to create a score / ID for a user and if they pass of fail.
0
 
COBOLdinosaurCommented:
The flash cookies are actually not difficult to get rid of all it takes is the FF addon BetterPrivacy which has a rating of 5 stars out of 5 and I would not be without it.

In the end you will not prevent abuse, you might reduce it, but that just gives a bigger advantage to the cheaters, and if you are offering real value yu just create a market for those willing to sell or give away easy workarounds.

Cd&
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
MathiauAuthor Commented:
So i assume short of cookies there really is nothing else that can be obtained with out user prompts like hardware ID's, mac address or anything?
0
 
COBOLdinosaurCommented:
In general the mac address can only be obtained in a localized environment like a lan.  Across the internet it is not going to happen.

Cd&
0
 
MathiauAuthor Commented:
I was reading about that, as the mac never goes past the router, learn something new everyday!
0
 
QlemoC++ DeveloperCommented:
I've requested that this question be closed as follows:

Accepted answer: 168 points for msifox's comment #a39216849
Assisted answer: 166 points for COBOLdinosaur's comment #a39231827
Assisted answer: 166 points for COBOLdinosaur's comment #a39216953

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now