Except websites can tell what base OS you run using browser fingerprinting. It os impossible to lie aboit your OS because of the differences in platforms.
You can lie, but that doesnt mean that a website cant still tell your base OS if they use JS platform fingerprinting. Arkenfox, the base config which Librewolf is based off of says the exact same thing. Go to CreepJS and see it get your platform regardless.
Twitch.TV will tell you that you need to use a supported browser if you connect with Linux in your user agent no matter what browser you use. Changing Linux to Windows in your agent with no other changes resolves this issue.
Sure, you can lie to get around restrictions that only care about useragent. But it is still clear as day what platform you are using, even against basic threat actors. It is not “anti-malware” and it reduces the pool of users you blend in with. Firefox’s privacy.resistFingerprinting preference uses the anti-fingerprinting strategy of “normalize metrics to create a crowd” (inherited from Tor browser), but this is on a per-OS basis because it is impossible to effectively lie about your platform (ei. a pool of Windows RFP users, MacOS, and BSD, etc).
Generally browser fingerprinting is used to identify individual browser sessions across IP addresses. This mostly takes into account reported features and capabilities of the browser and OS to the website. Fingerprinting isn’t looking for specific info your browser reports, it’s taking it all and hashing it to get a unique id specific to the browser. Because it’s hashed, it can’t be reversed to identify the OS from the hash.
Sure a malicious website could Ignore the user agent and probe for some hardware capabilities that are specific to Linux, but that would be a lot of effort to probe various things which are set differently across all different browsers. I can’t speak for bad actors, but I wouldn’t spend the effort to check if the user agent is spoofed, if 95% of the time it’s accurate to get the OS type.
It is trivial to identify OS platform because browser work differently on each platform. Wjat Librewolf does with useragent on Linux actually is makes users stand out more because it isn’t what privacy.resistFingerprinting (RFP) reports on normally.
Hackers (like the comment scenario i was responding to) are substantially more likely to employ platform fingerprint than trust a fale useragent. And loads general websites employ fingerprinting, meaning deviation from default RFP behaviour makes you stand out (more than you already do by using RFP since it is a small pool already).
Except websites can tell what base OS you run using browser fingerprinting. It os impossible to lie aboit your OS because of the differences in platforms.
Sure, if they put in the effort. Most don’t even when Distributing malware
You can lie about your fingerprint very much in fact it is the default on librewolf
You can lie, but that doesnt mean that a website cant still tell your base OS if they use JS platform fingerprinting. Arkenfox, the base config which Librewolf is based off of says the exact same thing. Go to CreepJS and see it get your platform regardless.
You sweet summer child I use noscript
Twitch.TV will tell you that you need to use a supported browser if you connect with Linux in your user agent no matter what browser you use. Changing Linux to Windows in your agent with no other changes resolves this issue.
Worked on my machine last I checked, and I don’t have a useragent spoofer
Sure, you can lie to get around restrictions that only care about useragent. But it is still clear as day what platform you are using, even against basic threat actors. It is not “anti-malware” and it reduces the pool of users you blend in with. Firefox’s privacy.resistFingerprinting preference uses the anti-fingerprinting strategy of “normalize metrics to create a crowd” (inherited from Tor browser), but this is on a per-OS basis because it is impossible to effectively lie about your platform (ei. a pool of Windows RFP users, MacOS, and BSD, etc).
Generally browser fingerprinting is used to identify individual browser sessions across IP addresses. This mostly takes into account reported features and capabilities of the browser and OS to the website. Fingerprinting isn’t looking for specific info your browser reports, it’s taking it all and hashing it to get a unique id specific to the browser. Because it’s hashed, it can’t be reversed to identify the OS from the hash.
Sure a malicious website could Ignore the user agent and probe for some hardware capabilities that are specific to Linux, but that would be a lot of effort to probe various things which are set differently across all different browsers. I can’t speak for bad actors, but I wouldn’t spend the effort to check if the user agent is spoofed, if 95% of the time it’s accurate to get the OS type.
It is trivial to identify OS platform because browser work differently on each platform. Wjat Librewolf does with useragent on Linux actually is makes users stand out more because it isn’t what privacy.resistFingerprinting (RFP) reports on normally.
Hackers (like the comment scenario i was responding to) are substantially more likely to employ platform fingerprint than trust a fale useragent. And loads general websites employ fingerprinting, meaning deviation from default RFP behaviour makes you stand out (more than you already do by using RFP since it is a small pool already).