runtime_digital_fingerprint
A Dart package for fingerprinting machines.
Overview
This Dart package provides a solution for the problem of fingerprinting devices. Different pieces of information can be used to identify devices. Some of these are MAC address, serial numbers assigned to hardware, and IP address. None of these single pieces of information provides a guarantee of uniqueness, but if used together, then you may have higher confidence of uniqueness.
Uses
Keeping track of individual devices is important in areas such as software licensing and fraud prevention.
Supported platforms
The runtime_digital_fingerprint
package supports:
- macOS
- Windows
- Linux
The runtime_digital_fingerprint
package is NOT currently available for:
- Android
- iOS
- web
Installation
To add runtime_digital_fingerprint
to your Dart package, include it in your pubspec.yaml file:
dependencies:
runtime_digital_fingerprint: ^1.0.0
Usage
Import the runtime_digital_fingerprint
package in your code and call the method that you want.
The list of currently available fingerprinting methods is:
- MachineID: a UUID that is generated at system install time
import 'package:runtime_digital_fingerprint/runtime_digital_fingerprint.dart';
const String machineId = await MachineId.machineId();
Examples
% dart example/machineid_example.dart
The machineId for this machine is: 827AA042-5900-5208-9D1A-308FAF23E12A
Tests
Run dart test
or use the GitHub Actions workflow to run on multiple platforms.
Implementation details for MachineID
Main Features (copied from here)
- Cross-Platform (tested on Win7+, Debian 8+, Ubuntu 14.04+, OS X 10.6+, FreeBSD 11+)
- No admin privileges required
- Hardware independent (no usage of MAC, BIOS or CPU — those are too unreliable, especially in a VM environment)
- IDs are unique to the installed OS (not specific to user)
Background
Adapted from machineid Go package
Unique Key Reliability (copied from here)
Do note, that machine-id and MachineGuid can be changed by root/admin, although that may not come without cost (broken system services and more). Most IDs won't be regenerated by the OS, when you clone/image/restore a particular OS installation. This is a well known issue with cloned Windows installs (not using the official sysprep tools).
Linux users can generate a new id with dbus-uuidgen and put the id into /var/lib/dbus/machine-id
and
/etc/machine-id
. Windows users can use the sysprep toolchain to create images, which produce valid images ready for
distribution. Such images produce a new unique machine ID on each deployment.
Security Considerations (copied from here)
A machine ID uniquely identifies the host. Therefore, it should be considered "confidential", and must not be exposed in untrusted environments. If you need a stable unique identifier for your app, do not use the machine ID directly.
A reliable solution is to hash the machine ID in a cryptographically secure way, using a fixed, application-specific key.
That way the ID will be properly unique, and derived in a constant way from the machine ID but there will be no way to retrieve the original machine ID from the application-specific one.
Details for macOS IOPlatformUUID
Tested on macOS Sonoma
Is there any official Apple documentation that says what the IOPlatformUUID means, and not just that it exists?
Not that I know of
https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/367
introduced ca. 2008:
Details for Windows MachineGuid
Tested on Windows 11
Possible issue: cloned machines can have the same MachineGuid
https://www.reddit.com/r/sysadmin/comments/stvr5h/hklmsoftwaremicrosoftcryptography_machineguid/
Details for Linux /dbus/machine-id
Tested on Ubuntu 22.04.2
Tested on Fedora 38
Tested on Debian GNU Linux 12
Libraries
- runtime_digital_fingerprint
- runtime_digital_fingerprint