If installed as an app on a mobile device or smart TV, you'll probably have a enough access to get a hold of something unique. I wouldn't necessarily go for a Mac address, but different devices will have different unique identifiers you can grab (even just a phone number would be a pretty good bet for a mobile phone).

如果作为应用程序安装在移动设备或智能电视上，您可能有足够的访问权限来获得一些独特的东西。我不一定会选择 Mac 地址，但不同的设备会有不同的唯一标识符，您可以获取（即使只是一个电话号码对于手机来说也是一个不错的选择）。

Browsers, which are the most restricted environment you listed, are a different story.

浏览器是您列出的最受限制的环境，但情况不同。

Short answer, no.

简短的回答，没有。

Longer answer, no, but kinda.

更长的答案，不，但有点。

There is no way to get any kind of identifier that is truly unique and unchangeable from the client. This means no MAC address, serial number, IMSI, or any of those other things.

无法从客户端获取任何类型的真正唯一且不可更改的标识符。这意味着没有 MAC 地址、序列号、IMSI 或任何其他内容。

You'd have to turn to an approach which advertisers frequently use to track you across the web.

您必须采用一种广告商经常使用的方法来在整个网络上跟踪您。

Basically, you scoop up all the information you can access about a user. These things may include user agent string, IP address, OS, and the like. Basically, things that are sent in an HTTP request and/or via JavaScript client-side. By combining these values together, you can create something that's going to be reasonably unique fingerprint, though not guaranteed and will greatly vary by physical environment that users access it by.

基本上，您可以获取可以访问的有关用户的所有信息。这些内容可能包括用户代理字符串、IP 地址、操作系统等。基本上，通过 HTTP 请求和/或通过 JavaScript 客户端发送的内容。通过将这些值组合在一起，您可以创建一些相当独特的指纹，尽管不能保证并且会因用户访问它的物理环境而有很大差异。

For example, if I'm using my computer at home, and I'm all alone, and I have a fixed IP address, then getting my IP address alone will probably point to just me. If I'm in a college library or an office environment though, and pretty much every other computer all uses the same external IP (quite common a lot of times), and all of them are roughly the same amount of up-to-date, then a lot of people will show up all as the same user even if you mix a bunch of different data points together.

例如，如果我在家里使用我的计算机，并且我一个人，并且我有一个固定的 IP 地址，那么单独获取我的 IP 地址可能只指向我。如果我在大学图书馆或办公室环境中，并且几乎所有其他计算机都使用相同的外部 IP（很多时候很常见），并且所有这些都大致相同数量的最新，那么即使您将一堆不同的数据点混合在一起，很多人也会以同一用户的身份出现。

Depending on your use-case, it may be "good enough" (which is generally what advertisers go with), but if it you are using it for any kind of auto-access to security, don't do it. It's never going to be anywhere near secure enough for that. If you want to do something like that, at the very least mix it with a cookie and/or session specific values to reduce the risks.

根据您的用例，它可能“足够好”（这通常是广告商所采用的），但如果您将其用于任何类型的自动访问安全性，请不要这样做。它永远不会足够安全。如果您想做类似的事情，至少将其与 cookie 和/或会话特定值混合以降低风险。