On Wed, 19 Dec 2018 23:53:04 +0100 stakanov <stakanov@eclipso.eu> wrote:
In data mercoledì 19 dicembre 2018 22:12:21 CET, Dave Howorth ha scritto:
On Wed, 19 Dec 2018 21:33:21 +0100
stakanov <stakanov@eclipso.eu> wrote:
In data mercoledì 19 dicembre 2018 21:16:19 CET, Dave Howorth ha
scritto:
I've just noticed that when Firefox on my Leap 15.0 system, which currently says it is 60.3.0esr (64-bit) in the Help/About, tells web servers that it requests pages from that it is
"Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0"
Why does it lie about its version number?
It does no lie maybe? By the principle of data parsimony, why would you give information that shall be available to the owner of the system but is of not use but tracking to the outside site? If it is sufficient for a correct service to know the general version and not the sub-revision, then this behavior would be perfectly sensible, also from a security point of view. If I do not know a revision, i have trouble to attack a precise revision. Besides, AFAIK you can even force a browser to give an arbitrary indication to web servers to heighten privacy and to make tracking harder. So that would not be a lie. But I am just guessing.
Thanks, that's a very reasonable explanation. I wonder if it's correct? Why don't you check out with your browser the following amusing and also educating page:
https://ip-check.info/?foundHTTPS=true Click on start test and compare the results. You may try to tweak your browser with the tips they give.
Excellent. I haven't seen either of those tests before, so thanks very much :) The JonDonym one seems a bit confused, though helpfully detailed. It says 'WARNING: You are supposed to surf with your own or an inadequately protected IP address. You are observable.' which is a bit strange English so I'm not entirely sure what it's trying to say. But I think it means the world and its dog can see who I am. But then above they give completely the wrong location for me and the IP address is a dynamic one from my ISP so isn't tied to me either. The worst things are that my ISP can track me, but I trust them in so far as I trust anybody, and that my browser advertises that I run Linux, but if we don't then people won't build their websites etc to cater for us. Otherwise I would run UserAgentSwitcher.
It gives you insight about what your browser leaks. Another is this one: https://panopticlick.eff.org/ about tracking.
And Panopticlick seems reasonably happy with me. Good! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org