Ability to neutralize User-Agent string for enhanced privacy #100
Comments
ghost
mentioned this issue
|
I'm not sure what you mean by "neutralize". Does this mean to block sending the user-agent at all? I'm afraid this would have contra-productive effects to impeding fingerprinting. A better solution would be "rotating" user-agents, i.e. a new user-agent is used, e.g., every 30 minutes or with every new browser session. |
|
No I didn't have in mind nulling the field, I had in mind removing or altering some fields which contribute too much bits of fingerprint info based on panopticlick's results. In any case, after looking at all this I may choose to have this option handled by a companion extension of HTTPSB. The HTTP referer made sense because it is based on the rules. But here the matrix has nothing to do with this, so I am thinking of having this handled in a different companion extension which would be able to take over the task of changing the outgoing headers (can only be done by one extension) from HTTPSB. |
Okay, but whatever you decide don't forget that even removing some fields can make your browser (more) unique as 99.999% of other users don't do that. Rotating user-agents would not have that problem ... |
Yes, hence my emphasis on reducing bits of info. In any case I now lean toward not including this, as there is no relation whatsoever to the matrix, I see this more as a companion extension to HTTPSB. |
|
In the mean time, of interest: https://wiki.archlinux.org/index.php/Chromium_Tips_and_Tweaks#User_Agent |
Re. privacy.
Because the Chrome API doesn't allow more than one extension to change the outgoing headers, and since HTTPSB must already potentially change the outgoing headers (to remove cookies), this means that using another extension to change the User-Agent string alongside HTTPSB won't work. So HTTPSB must provide this feature, or else a user will have to forfeit one on the two extensions.
The text was updated successfully, but these errors were encountered: