New paper by Amit Klein (Trusteer): "Detecting virtualization over the web with IE9 (platform preview) and Semi-permanent computer fingerprinting and user tracking in IE9 (platform preview)"

[Amit Klein <amit.klein () trusteer com>]

Hi list

The IE9 (platform preview) Javascript Math.random implementation is vulnerable to seed reconstruction. The seed reveals 
the computer's boot time (and on Windows 7 - also CPU clock speed). These can be used to finger-print computers and 
track users within the same Windows session even if they close and open their IE9 (platform preview) browser multiple 
times. 
Interestingly enough, this technique also provides some information regarding the client hardware (namely clock source 
and possibly CPU clock speed), and may be used to detect virtualized machines "over the web". 
Additionally, the Math.random implementation is flawed in such way that it returns non-uniform values (this holds for 
IE9 beta as well).

For full details, please read:
http://www.trusteer.com/sites/default/files/VM_Detection_and_Temporary_User_Tracking_in_IE9_Platform_Preview.pdf

Thanks,
-Amit
Amit Klein, CTO, Trusteer