I can tell you what doesn’t exist according to public available information:
-
- a research term who keeps analyzing Debian, TBB, Tails, Whonix, etc. network fingerprint - on different hardware - and publishing results
-
- based on above research, a development team trying to emulate popular network fingerprints
There are only 2 options:
- A) security is hardened and fingerprint might be unique; or
- B) security is not hardened and fingerprint might still be unique.
Why might it still be unique? Are we talking about passive or active attacks?
But in any case, the (Linux) kernel, networking is really complex. A different kernel version on different hardware (different network card) can have different characteristics.
Quote: Device fingerprint - Wikipedia
In 2005, researchers at the University of California, San Diego showed how TCP timestamps could be used to estimate the clock skew of a device, and consequently to remotely obtain a hardware fingerprint of the device.[13]
Hardened or not, nobody will magically get rid of device fingerprinting. In this particular case, Kicksecure + Whonix might even be better off, because TCP timestamps are disabled.
It might even be available as a commercial service: https://www.fingerbank.org/
With millions of DHCP, TCP, DNS and other traffic fingerprints, FingerBank is capable of uniquely identifying nearly 35,000 classes of devices, as well as providing detailed anomaly detection based on observed device behavior, such as Internet of Things (IoT) device visits on the network.
Solution:
- C) security hardened + emulating “popular” network fingerprints: does not exist.
Depends on how motivated someone is looking, because Tails has a different network fingerprint, see: