azorius.net

TOR browser User Agent in Linux increases fingerprinting
from VITecNet@programming.dev to linux@lemmy.ml on 23 Nov 23:22
https://programming.dev/post/22062599

I usually use Tor Browser to scan files online for viruses, which I then send to Windows users (I use Linux) if they are clean.

Lately, I’ve noticed that the User Agent in TOR is showing up as Linux, when it used to show up as Windows.

Is this a problem with my system or a change made by the TOR team? The fact that Linux has far fewer users increases fingerprinting.

#linux

threaded - newest

savvywolf@pawb.social on 23 Nov 23:32 next collapse

Does it increase fingerprinting? I imagine there might be some non-user-agent way to determine the OS. Like with image handling or whatever.

It’s probably more unique and suspicious for a linux browser to pretend to be Windows than a Linux system disclosing itself as Linux.

themoonisacheese@sh.itjust.works on 23 Nov 23:51 next collapse

Pretty sure the TOR user agent is just default firefox, by design. It’s very easy to detect OS with very rudimentary fingerprinting techniques, a lot of which are blocked by the TOR browser but they can never get them all.

Atemu@lemmy.ml on 25 Nov 02:20 collapse

Like with image handling or whatever.

I’d expect TOR browser to mitigate this. Canvas2D is disabled for instance and system fonts aren’t exposed.

Most other things could be mitigated by making every platform use the same code paths for e.g. font rendering. It should be pretty damn hard to determine which OS it is when the userspace is the same. I don’t know whether TOR browser currently does this though.

eldavi@lemmy.ml on 24 Nov 15:23 next collapse

That strikes me as an easy thing to miss; I would see the user agent string myself and let the project’s maintainers know about it

InternetCitizen2@lemmy.world on 24 Nov 16:17 next collapse

Tor scans for viruses?

MP3Martin@programming.dev on 25 Nov 12:49 collapse

OP uses tor browser to access websites that scan files for viruses

InternetCitizen2@lemmy.world on 25 Nov 13:29 collapse

I see, thx

CCRhode@lemmy.ml on 24 Nov 19:13 next collapse

Using TOR Browser, my user agent is:

Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0

… so I confirm that Windows is not spoofed now, if ever it were.

You can see what Web hosts see. Visit:

coveryourtracks.eff.org

chevy9294@monero.town on 26 Nov 06:25 collapse

Yes, Tor recently made a change to that. This does increase fingerprinting but not by much. A lot of Tor users are using Linux rather than Windows.