 

How to detect new Machine like Facebook?

Tags:

php

facebook

I am actually trying to detect a person using a computer, just like Facebook. Whenever you sign in to Facebook using a different machine, it detects the new machine and asks you to register it. How do they find out that the person is using another computer? Maybe they can track the client's MAC or actual IP (but this normally changes upon every reconnection).

How to detect this?

mrN asked Sep 30 '10 11:09




2 Answers

I recently tried this myself with the following results:


MACBOOK = My laptop

DELL = My friend's laptop

I logged in to Facebook on MACBOOK in SWEDEN, and was asked to name the device.

My friend logged in to Facebook on DELL in SWEDEN and was asked to name the device.

We both went to JAPAN.

I logged in to Facebook on MACBOOK in JAPAN, I was not requested to name the device again.

My friend logged in to Facebook on DELL in JAPAN, and was not requested to name the device again.

I logged in to Facebook on DELL in JAPAN, and was asked to name the device.


So, from that I conclude two different options:

  1. A persistent cookie for each Facebook user that logs in on the device.
  2. Somehow Facebook can match MAC addresses.

Since 2. is never achievable without you installing plugins or whatnot, we are left with 1.

Exploring the cookies I have with Facebook, I discover 13 of them. Using Google Chrome for this is really useful. Just go to chrome://settings/cookies and you'll get a list.

The Facebook cookie named "lu" contains the following information:

Name:   lu
Content:    (data)
Domain: .facebook.com
Path:   /
Send For:   Any kind of connection
Accessible to Script:   No (HttpOnly)
Created:    Thursday, June 9, 2011 8:58:10 PM
Expires:    Saturday, June 8, 2013 8:58:10 PM

This is the only cookie they have that doesn't expire on browser close, the same day or a few days ahead. My educated guess would be that (data) would consist of the device information they check for this feature.

I would also guess that they store the information in their database, and upon logging in they match the data against you again. If you match in certain predefined ways (like, both the IP address and the browser are still the same), you automatically get approved. This would explain why you could format your computer and still have the device approved.

I am guessing that if you delete all cookies and then move to a different internet provider, you would be required to register the device again.

Mattis answered Sep 18 '22 11:09


This process has very little to do with cookies, it's called fingerprinting.

Basically, you can look at the functionality and support of your browser and there is a likelihood that the combination will be somewhat unique.

You can test this out here: https://panopticlick.eff.org

JavaScript example, but the theory can be transposed to any language: http://valve.github.io/fingerprintjs2/

Using this in combination with cookies is the best way to detect unique devices. Store the fingerprint in a hidden field when you log in and check that against the available fingerprints you've already got.

bashaus answered Sep 22 '22 11:09
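The cookie-plus-fingerprint combination from the two answers above, as an added server-side sketch in Node.js (not code from either answer, and not Facebook's implementation). The names `registerDevice` and `checkDevice`, the in-memory store, and the assumption that the client submits an opaque fingerprint string at login are all hypothetical.

```javascript
const crypto = require('crypto');

// Constructed for the example: a real deployment would load the key from a
// secret store and keep device records in a database, not in memory.
const SERVER_KEY = crypto.randomBytes(32);
const knownDevices = new Map(); // userId -> Map(tokenHash -> { name, fingerprint })

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// The MAC covers the user id, so a cookie copied from one account's device
// record is rejected when presented for a different account.
function sign(userId, token) {
  return crypto.createHmac('sha256', SERVER_KEY)
    .update(`${userId}.${token}`).digest('hex');
}

// Called once the user has named a new device. Returns the value to set in a
// long-lived cookie; only a hash of the random token is stored server-side.
function registerDevice(userId, name, fingerprint) {
  const token = crypto.randomBytes(32).toString('hex');
  if (!knownDevices.has(userId)) knownDevices.set(userId, new Map());
  knownDevices.get(userId).set(sha256(token), { name, fingerprint });
  return `${token}.${sign(userId, token)}`;
}

// Called at login. 'known': cookie and fingerprint both match.
// 'changed': valid cookie but a different fingerprint (e.g. browser update).
// 'new': missing, forged, or foreign cookie, so ask the user to name the device.
function checkDevice(userId, cookieValue, fingerprint) {
  const [token, mac] = String(cookieValue || '').split('.');
  if (!token || !mac) return { status: 'new' };
  const expected = Buffer.from(sign(userId, token), 'hex');
  const given = Buffer.from(mac, 'hex');
  if (given.length !== expected.length ||
      !crypto.timingSafeEqual(given, expected)) return { status: 'new' };
  const device = (knownDevices.get(userId) || new Map()).get(sha256(token));
  if (!device) return { status: 'new' };
  const same = device.fingerprint === fingerprint;
  return { status: same ? 'known' : 'changed', name: device.name };
}
```

The returned value belongs in a cookie marked `HttpOnly` and `Secure` with a long expiry, like the `lu` cookie observed in the first answer. How to treat `changed` (silently accept, or notify the account owner) is a policy choice.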