Unique System Identifiers and Javascript

no**************@gmail.com wrote:

Hello all!

I have something rather unique. I'm creating a cookie for
customization for a webpage. But I want to tie the user to a machine
(not friendly, I know, but for what I'm doing, it's got to be done).

Sounds more like something you would usually implement server-side.
Maybe by looking at the ip address?
Remember that anyone can look into their cookies and copy the
information to a cookie on another computer.

I can't impliment server-side (I'd like to, but can't. project
restriction).

IP address would be sufficient, if it didn't change.

The cookie is going to be permanent (and encrypted). The code will
check the data in the cookie against something that is unique to the
system. If the IP changes, then that piece wouldn't be unique.

I'm looking for something like a system bios serial number or
something.

Maybe the better question would be "what can a page w/ javacript on it
access on the local machine w/out coming from a trusted site?"

Thanks again in advance!
-Michael

wrote on 23 mrt 2006 in comp.lang.javascript:

I can't impliment server-side (I'd like to, but can't. project
restriction).

IP address would be sufficient, if it didn't change.

The cookie is going to be permanent (and encrypted). The code will
check the data in the cookie against something that is unique to the
system. If the IP changes, then that piece wouldn't be unique.

I'm looking for something like a system bios serial number or
something.
Holy grail search?
No this impossible.

Clientside encription?
Not sensible.

Unique IP?
Proxy users share the IP with tousantds at a time.

Project restriction?
A serious programmer tells his empoyer
not to insist on impossible requirements.
Maybe the better question would be "what can a page w/ javacript on it
access on the local machine w/out coming from a trusted site?"

if you mean:
w/ -> with
local machine -> clientside
javascript -> clientside javascript
can -> is sensible

The domain's cookies.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)

On 23 Mar 2006 10:09:06 -0800, no**************@gmail.com wrote:

I can't impliment server-side (I'd like to, but can't. project
restriction).

IP address would be sufficient, if it didn't change.

The cookie is going to be permanent (and encrypted). The code will
check the data in the cookie against something that is unique to the
system. If the IP changes, then that piece wouldn't be unique.

I'm looking for something like a system bios serial number or
something.

Maybe the better question would be "what can a page w/ javacript on it
access on the local machine w/out coming from a trusted site?"

Thanks again in advance!
-Michael

IP addresses are often dynamic and cannot be relied on as a "unique
system identifier". Worse, is that IP addresses are often dynamic but
rarely change - the IP address on my home machine is dynamic, but
changes infrequently, so something might appear to work for a period
then fail without warning. Further, all the computers on an internal
network using the private ranges of IP addresses may expose the same
IP address to the world.

MAC addresses might be better, but they are often "spoofed" - most
routers etc. provide tools to allow this (it is often necessary where
a router replaces an existing piece of equipment whose MAC address is
registered with an ISP, for example).

The answer to your last question is "Nothing without asking the user
to install additional software"

Good luck!

Paul