The next attack of paranoia was fully justified - it came after reading an
article about anonymity methods in the network , where the author, using the example of the FireFox browser, talked about potential leaks of identification information. And it became interesting - and how many voiced solutions are applicable, say, to the
Google Chrome browser ?
Hide real IP - use different VPN servers, disable the lion's share of tracking scripts -
Adblock Plus and
Ghostery , remove the Referer -
no question , they have forgotten something ... Oh yes - User-Agent is a kind of “imprint”, which (in conjunction, say , with ip) easy to identify user. And with this it was necessary to do something. The solutions found only statically changed the value of the User-Agent, which was clearly not enough. Then it was decided to write a plugin to hide the real User-Agent, or to be more precise, to replace it with random one. Or almost randomly.
For impatient at once:
source code on GitHub and extension in
Google Webstore .
')
Some theory
In general, User-Agent (hereinafter referred to as
UA ) is a necessary piece. First of all, necessary for the correct display of pages, because we all know that different versions of different browsers render pages in different ways, and caring web programmers take this fact into account, giving the necessary scripts and styles to the right browsers. The support of the available technologies “engines” is different. This implies the first requirement for the outcome - the ability to “imitate” various browsers, and most importantly, to be able to
choose between them.
UA is primarily a set. A set of different identifiers, according to which the definition takes place - which browser, which operating system, which version, and which specific software (hi, IE) does the user have?
Why exactly IP and
UA should be hidden in the first place? And let's look at the log of an empty stub site, on which there is nothing at all:
[meow@hosting /var/log]$ cat somesite.org.access_log | tail -3 10.12.11.254 - - [25/Jul/2014:15:51:16 +0700] "GET / HTTP/1.0" 200 5768 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.5; http://www.majestic12.co.uk/bot.php?+)" 10.12.11.254 - - [25/Jul/2014:15:57:38 +0700] "GET / HTTP/1.0" 200 5768 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" 10.12.11.254 - - [25/Jul/2014:19:19:25 +0700] "GET / HTTP/1.0" 200 5768 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0"
There is nothing on the site, and I know more than enough about the visitor. All because "the logs know everything" ©.
Some practice
So, it is decided - we substitute fake
UA . But how to form it? I took the path of picking up a dozen
UA of each browser of interest, and writing a regular schedule for each one, which will generate the
most plausible and at the same time a somewhat unique imprint. Want an example? Here you have 10 IE browser "IE 9", and among them five of these. Can you tell the difference?
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; chromeframe/12.0.742.112) Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 6.0; Win64; x64; Trident/5.0; .NET CLR 3.8.50799; Media Center PC 6.0; .NET4.0E) Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 8.1; Trident/5.0; .NET4.0E; en-AU) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 8.0; WOW64; Trident/5.0; .NET CLR 2.7.40781; .NET4.0E; en-SG) Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 8.0; Win64; x64; Trident/5.0; .NET4.0E; en) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.0; Trident/5.0; .NET CLR 2.2.50767; Zune 4.2; .NET4.0E) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0
Yes, it is possible, but it needs to be analyzed. Analyze, for example, which .net can stand on which OS, analyze versions and combinations, nuances. When they are lost in the heap - the task becomes a little trivial. Who cares how regulars look like - welcome
to this link . The day of generation used
randexp.js (thanks for the hint thanks to habrachowaku under the nickname
barkalov ).
In general, the extension successfully impersonates the following browsers:
- IE 6 to 10;
- Chrome (Win / Mac / Linux);
- Firefox (Win / Mac / Linux);
- Safari (Win / Mac / Linux);
- Opera (Win / Mac / Linux);
- iPad and iPhone.
What else is interesting?
Automation . Check off which browsers we imitate, tick "Update automatically", specify the time interval, and forget. Nothing extra. For the curious, look at the “background page” in the console - everything is not badly logged.
Open source. If there is a desire to finish by yourself, all that is needed is:
- Open link extensions on githab;
- Click "Download Zip" or clone;
- On the extensions page put the checkbox "Developer Mode";
- Click "Download unpacked extension ..." and specify the path to the unpacked archive or clone;
I would be very grateful for constructive criticism and suggestions.
Better to see once:
Google WebstoreChange history
- 1.5 - Added exceptions, now it’s fashionable to add some URLs to the “white list”, and nothing will be replaced for them
Good links: