I use VMs to do web surfing as extra layer of protection.
I would configure a VM in VMware Workstation that has never connected to any internet before, install windows on it and all the necessary software, then take a snapshot.
That ways when I revert back to the original snapshot, I always start with a machine that has never connected to the internet before.
Some websites, like for example bank of america, when it thinks you are logging in from a new computer for the first time, it will ask me an additional secret question before asking me for the password.
I always thought it was a supercookie or something but it turns out not to be the case at all.
For example, if I sign in with the VM to BOA for the very first time, it will ask me for the secret question, however if I revert back to the original snapshot and try again, it remembers me and won't ask me for the secret question again.
BUT, when I use the same WIndows OS iso file and create a "new" (non snapshot) Windows 7 VM image again, and sign in with that for the very first time, BOA will again ask me for the secret question...
How does it know the difference? Unless it was looking at something else, and this something else isn't the ip address because in all of these instances the IP address remained the exact same....
I thought maybe it was the MAC address... but in VMware I would generate a new MAC address in the virtual adapter after reverting to base snapshot that hadn't yet connected to any networks and yet that didn't do the trick....
What else that isn't browser, screen resolutioon, IP address and Mac address etc related that it could be using as a unique identifier as fingerprinting aacross difference images?