How effective is Random Agent Spoofer

7 replies [Last post]
GNUbahn
Offline
Joined: 02/18/2016

As a non-techie, it is difficult to figure out what, how much and how data about ones internet use is monitored and registered. There are many advices for e.g. addons to install, but I got the impression, that the addons installed themselves can serve to point out your specific computer.

Now I am looking at Random Agent Spoofer which look efficient, and I am sure good people would not suggest it if it was not, but how effective is it? And are there downsides to installing it?

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

I use it. It does what it promises. I use the "Random (Desktop)" configuration changed after a "Random" period. If you choose a completely random profile, it may be that of a mobile system and the layout of the site may be different.

Sites that need to know that you use a Firefox derivative are confused, e.g., https://addons.mozilla.org write "You need to download Firefox to install this add-on". However you can set your "Real Profile" in two clicks and reload of the page.

According to the developers of Tor Browser, the best for anonymity is to have to the most common fingerprint. That means the most common user agent... and no add-on. If you want some add-ons, I believe "Random Agent Spoofer" is the best solution.

See https://www.torproject.org/projects/torbrowser/design/

GNUbahn
Offline
Joined: 02/18/2016

So addons are kind of revealed in your meta data, or how do they get hand on that information?

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

The article I linked in my previous post includes these sentences:

Users are free to install these addons if they wish, but doing so is not recommended, as it will alter the browser request fingerprint. (...) End-user configuration details are by far the most severe threat to fingerprinting, as they will quickly provide enough information to uniquely identify a user. We believe it is essential to avoid exposing platform configuration details to website content at all costs. We also discourage excessive fine-grained customization of Tor Browser by minimizing and aggregating user-facing privacy and security options, as well as by discouraging the use of additional plugins and addons.

I do not know how a web page can detect the addons. Probably some JavaScript...

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

Yes. It needs js, as is with 99% of tracking so far. :/
Disable js and you are fine. Or install noscript and allow it only on trusted websites.

GNUbahn
Offline
Joined: 02/18/2016

Thanks.

It is rather difficult to no which sites can be trusted though!

What is the (semi-) technical answer to why js is such a problem?

pengnuin
Offline
Joined: 08/17/2017

I'd sum it up in saying that it has access to a lot of things that can identify you. It's a kind of design issue - if a website wants to display a certain font in order to make their website look all shiny, it can ask your browser to provide a list of fonts that it supports. If that's non-standard, it's not hard to identify you. Same goes for addons. There are a ton of things that can be done, apart from stuff like the user agent. Also, JavaScript driveby is a thing. Unfortunately, there are a lot of problems that JS poses. For privacy, however, start by blocking trackers (ad networks, followed by analytics websites) and others and only enable JS if neccessary. NoScript really is your best bet.

edit: If you want to get a graphical overview of the relationships between the websites you visit and what is embedded on them, I'd suggest giving Lightbeam for Firefox a shot (use it in Abrowser or Icecat, or any FireFox derivative).

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

https://noscript.net/faq

I have yet to try Lightbeam. Have been tempted several times but never installed it at the end (I try to use just noscript and httpseverywhere, and eventually ublock oring, less addons the better :P).