bytex64.net/blog

Remember the kerfuffle in the late 90's about the Pentium III Processor Serial Number? Privacy advocates were worried that the PSN would be used for Big Brother shenanigans, destroying anonymity. Intel got enough heat that they backed down on it, but there's another vital piece in your computer that has a unique ID, and nobody really cared. Want to take a guess as to what that part is?

That's right, it's your hard drive. Hard drives have had serial numbers for ages, and it's been possible to read these serial numbers from software since at least the 1994 ATA-1 Specification^[PDF]. You can take a look yourself with hdparm, a tool available on Linux and Windows (this will, of course, require superuser access).

In my line of work, software-accessible serial numbers are very useful for inventory. I can look up the serial number of a failing drive and have the RMA request sent in before anyone even arrives in the server room. But tinfoil hatters beware: unlike the Pentium III's PSN, there's no way to turn them off.

Not that it really matters, anyway. The combination of seemingly innocuous information given away by your web browser — like its version, installed plugins, your OS, installed fonts, and time zone — serves as a pretty good fingerprint. If you're like me, it's good enough to identify you uniquely. Try it yourself over at the EFF's Panopticlick.

There are a lot of ad networks using both browser cookies and flash storage to track the sites you go to. Isn't it comforting to know that even if you don't have flash and disable cookies, ad networks can still be reasonably sure it's still you? All it would take is an ad or an app on Facebook to associate your real name with every site you've been to on that ad network. But you're not stupid enough to trust Facebook with your personal information, right?

Right? :)