[tor-bugs] #26146 [Applications/Tor Browser]: Setting `general.useragent.override` does not spoof the platform part anymore in ESR 60 which is confusing

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Sep 8 22:16:59 UTC 2018


#26146: Setting `general.useragent.override` does not spoof the platform part
anymore in ESR 60 which is confusing
---------------------------------------------+--------------------------
 Reporter:  gk                               |          Owner:  tbb-team
     Type:  defect                           |         Status:  new
 Priority:  Medium                           |      Milestone:
Component:  Applications/Tor Browser         |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  ff60-esr, tbb-fingerprinting-os  |  Actual Points:
Parent ID:                                   |         Points:
 Reviewer:                                   |        Sponsor:
---------------------------------------------+--------------------------

Comment (by cypherpunks3):

 Replying to [comment:23 gk]:
 > Whatever we do with respect to the user agent won't be included in the
 security slider. If that's an issue then it's a privacy issue and Tor
 Browser's privacy guarantees are or should be the same for everyone
 regardless of the security level. The slider is for adjusting the
 *security* against *browser exploitation*.
 This is very precise reasoning, everyone who has a minimal knowledge on
 the Tor Browser's history and philosophy will come to these same
 conclusions. The comment above does note presuppose the security slider's
 function (the tb devs collect all the bugs that affected a Firefox ESR to
 determine which things to restrict in each slider level). Also what if
 someone uses a website foo.com with the lowest slider value then changes
 it to the highest, does he deserve to have his UA leaked then changed
 back? What kind of treatment is that?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26146#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list