[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Changing user agent on eww [OT]

From: chad
Subject: Re: Changing user agent on eww [OT]
Date: Thu, 23 Jan 2014 20:27:23 -0800

On Thu, Jan 23, 2014 at 5:50 PM, Stefan Monnier <address@hidden> wrote:
> Hmm... I wonder if https://panopticlick.eff.org/ rates "no UA" as being
> *more* identifiable than spoofing it to something commonplace? :-)

BTW, I was recently thinking about this "http header fingerprinting"
problem and was wondering if anybody has tried to randomize
their header.
More specifically, change part of the header for each request.
An obvious option is to add a counter to the "user-agent", and to add
a "blur" factor to the language options.

E.g. my "en-us,fr-ch;q=0.8,es-ar;q=0.6,en;q=0.4,de;q=0.2" appears to be very
rare, but if it keeps changing from
to en-us,fr-ch;q=0.80000983,es-ar;q=0.60000923,en;q=0.40000186,de;q=0.20000236
to ...
then a naive fingerprinting will be fooled into thinking it's coming
from a different user.

It's not a bad idea, but I wouldn't try it specifically with q-values, as they're likely discarded by the server before they get to the browser-id step.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]