[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: browser footprint
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: browser footprint
- From: 7v5w7go9ub0o <7v5w7go9ub0o@xxxxxxxxx>
- Date: Mon, 21 Jul 2008 16:41:47 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Mon, 21 Jul 2008 16:42:00 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=SS+esdDXCKGl4gRk1C/gY5sHHKF2eGz0ua+Abc2Wju0=; b=Iv6n1rVGfIkqxE7r+Z5G9pYDZo7VJ31Zi8oBgDfs40NxC1BSefTTkujGRaSXN3bx6v CPx5TjEbT3N1daMIpJiYKV5IgmnrJ0Y9xQ6SKyr6g+iShNtp7vx1Vn2ZRPQJ2bkYdC5r wdnSYzqmw8Y5IGu88CmyTxdBNXR6C9toWUHOk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=tzCpQQOkPVnIw6H5bBzj12lGHbk7of7VS8hlpyv/vqH11KHkzn7NgvG6H9ET2bwDsh lfYIsycThRNhVXtFoSNTYwnA+pvAAL4DxFCwBWVyU40Q2xgDprw9xKnJe+rWEn5d/sKi cFN885ognl1dRDrMZYUMicM7RT056gHvGD/1Q=
- In-reply-to: <487725E5.90006@xxxxxxxxxxxxxxxxxxxx>
- References: <487725E5.90006@xxxxxxxxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 2.0.0.14 (X11/20080421)
Karsten N. wrote:
I have read a thread at the JonDos forum about browser footprints.
A browser is not only identified by the user-agent, it is possible to
use the accepted language, the accepted content, accepted charsets...
To create a highly anonymous group, many user should use the same
settings for HTTP header values.
You may check your browser at: https://www.jondos.de/de/anontest#
At the page you will see the recommended settings. A developer of
JonDos wrote, they are in contact with the tor dev team about this.
Is it true? I can not find anything about this at torproject.org.
In Firefox / Iceweasel you may set all recommendations at about:config
intl.charset.default utf-8
intl.accept_charsets *
intl.accept_languages en
network.http.accept.default */*
add a new string value to the configuration:
general.useragent.override Mozilla/5.0 Gecko/20070713 Firefox/2.0.0.0
and use some plugins like RefControl, CookieSafe, NoScript....
For Konqueror I think, it is only possible, to set the following
values in $HOME/.kde/share/config/kio_httprc
Language=en
SendUserAgent=true
UserAgent=Mozilla/5.0 Gecko/20070713 Firefox/2.0.0.0
SendReferrer=false
More options possible?
Are there recommendations by others?
Karsten N.
Thanks for posting this; I think it is an important topic.
1. ISTM that one should go out to some of the statistics sites and
determine what the most frequently occurring "prints" actually are.
For user agents, there are many statistic sites; e.g.:
http://www.thecounter.com/stats/
http://www.upsdell.com/BrowserNews/stat.htm
FWICT, the most frequently occuring general User Agent is one of these:
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1)
I'd then find out what the typical (American English) windows I.E.
browser puts out for charsets and encodings, and use that.
(I do not believe that content type */* is used by many browsers; nor
does gzip,deflate appear for HTTP_ACCEPT_CODING)
2. I agree that TOR would be the logical place to incorporate an
optional sanitizing routine that makes all browsers look the same. It is
likely that some folks will complain that it'll break certain features -
fine, they don't have to use it. But for most of TOR browser useage,
it'd work fine.
If doing this in TOR is not practical or too far off, TOR could at least
officially recommend the replacement signatures that most users could
apply using our own devices (e.g. tweaking polipo, using privoxy,
proximitron, etc.).
It seems to me that if we wanted to approach TOR on this:
a. the first step would be to determine what the browser headers should be.
b. the second step would be to code and test a patch for TOR that
replaces individual headers with the standard headers, and deletes
extraneous stuff.
c. Present the recommendations and code patch.
If you are in contact with JonDoe, you might ask them why they chose the
signatures they did
HTH
(p.s. Suggest you retitle this topic to "browser fingerprints" or
"browser signatures". "footprints" typically refer to the size and
overhead of an application)