Proposal: Tor User Agent Carousel (TUAC)

[Sebastian Hahn]

Hi there,

thanks for your idea. Please find my comments below:

On Apr 4, 2008, at 10:40 AM, lxixnxenoise at lavabit.com wrote:
> I would like to propose an idea to the Tor community, in the hope that
> someone with the coding skills could pick up on it and run with it  
> to make
> it a reality. The idea is a simple one, I call it:
>
> Tor User Agent Carousel (TUAC)
>
> - What is Tor User Agent Carousel? (TUAC)
> It's an idea I'm proposing as a feature to be added to Tor Button,  
> Tork,
> Vidalia, or perhaps just a plugin for Firefox. It would allow the  
> Tor user
> to configure when their browser's user agent changes and how often,  
> either
> by randomly timed (role of the dice sort of time period) intervals  
> or a
> user defined set time (week,day,hour,seconds,etc.). TUAC would read  
> the
> user agents from a text file containing a list of user agents which  
> the
> user may add to with their own custom strings at any time. The  
> rotation of
> the user agent would be at random every time, or perhaps there could  
> be an
> additional choice for the user to select between several user agents  
> (from
> within the text file containing a list of user agents) to rotate  
> between
> in addition to the random feature.

This has actually been asked for before. Please see https://www.torproject.org/volunteer.html 
#Research, #11.

About the implementation: This has nothing to do with Vidalia or TorK,  
as both programs work with Tor preferences, but not with your everyday  
webbrowsing. It also doesn't belong with Tor, because Tor is protocol- 
agnostic, which means that we don't inspect traffic to change http- 
headers (also, this wouldn't work for https-connections).
So really, if such a feature were to be implemented, the right place  
would in fact be Torbutton or privoxy or some other proxy.

> - Isn't there already a plugin for changing the browser's user agent?
> Can't Privoxy also do this?
> Yes and yes, but these are operations the user must *manually* perform
> each time they wish to change the user agent. In my searching on the
> internet I've found no plugin or program which allows Firefox (or  
> other
> browsers) to rotate the user agent randomly and/or according to a set
> pattern of time. This is why the image of a carousel came to me,  
> with the
> rotation of animals being symbolic of the user agent rotation I  
> believe
> tor users should have.

You believe they should have that option, but does it help or hurt  
anonymity? I do think it hurts, more below (also, this ist just what  
*I* think, without any proof!)

> - Isn't this a silly idea? How does this help anything?
> First, I believe this is a feature every tor user should have as an
> option, regardless of what some naysayer may have to say about it, not
> everyone likes or uses every feature any software product offers  
> them, but
> without additional features they would have less to choose from.  
> Second, I
> believe the static/manual changing of the user agent isn't enough,  
> there
> are many ways to fingerprint a particular browser by its  
> configuration,
> and I don't believe simply mixing in with the crowd is enough, as  
> the user
> is likely to have many other blatent Tor-like signs, especially with  
> most
> everything turned off like javascript, java, etc. I believe by  
> allowing
> the tor user to randomize their user agent as they choose either on  
> a set
> time period for UA rotation or a time picked by the TUAC program at
> random, it will further help in distancing themselves from  
> fingerprinting
> attacks. I didn't like relying on Privoxy or some browser plugin to  
> switch
> my user agent manually, I didn't want to do this each and every time I
> wanted to appear as another browser, I want this done randomly  
> without my
> interaction! I'm not alone here, there are many others on the net  
> looking
> for a random UA rotation and I believe TUAC could deliver this. I'm  
> sure
> there may be a number of nay sayers, as with any idea, but regardless,
> this is a feature I and many others have wanted, I'm sure, even if  
> it was
> just a Firefox plugin, it would be a simple matter to create by a  
> bright
> minded individual, and those who wanted to use it would.

Please note that in most cases it is trivial to detect whether traffic  
comes through the Tor-network or not. So, if you use the standard user  
agent provided by Torbutton, you can be identified to be "someone who  
uses Tor and Torbutton between version x and y" (those two versions  
are the versions that set that specific user agent). So when you  
change the reported user agent frequently, does that mean that your  
anonymity gets better? No, it doesn't! Now, you're a user who uses Tor  
and Torbutton and also uses the user agent toggling script - a lot  
less people are going to use that, until the new version is widely  
adopted, which takes time. Also, when the user agent changes on a  
website that you logged
onto, they are going to link the two. Again, the above is just what I  
think of the problem, nothing based on research!

> - Couldn't this be just a browser plugin rather than an addition to a
> Tor-specific program?
> Sure, like many of the Firefox plugins, I'm sure it would be a great
> addition, even for the non-Tor users. However, I believe it would be
> especially useful for Tor users, so I'm suggesting it here, as not  
> all of
> us use Firefox for Tor, so could this feature be added to another  
> program
> for Tor users regardless of browser? For Privoxy users, the UA can be
> changed manually within one of the configuration files, but this means
> Privoxy must be restarted for the change to be honored. Is there  
> some way
> around this, or could this just be done without touching Privoxy? What
> about other programs used by Tor users, Tork? Vidalia? Polipo? Others?

See above why there are only two choices, really onle a browser plugin  
as it should work with https-traffic as well.

> [snip]
> Thank you for your consideration

I hope I have given you something to think about, and maybe, when some  
research shows it is worthwhile, it will be implemented in Torbutton -  
but someone has to sort out the facts, first

Sebastian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080404/0c32eec5/attachment.pgp>