Re: [Tails-dev] Faking htpdate user agent worth it?

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Faking htpdate user agent worth it?
Hi,

adrelanos wrote (30 Sep 2012 22:25:31 GMT) :
> I am wondering about this line in /etc/default/htpdate:
> HTTP_USER_AGENT="$(/usr/local/bin/getTorbuttonUserAgent)"


FTR, this is left from the times when htpdate did run wget in the
clear (without going through Tor).

> Since you are also using curl and only download the header, does
> faking the Tor Button user agent provide any additional benefit?
> Couldn't the server quite easily distinguish from real Tor Button
> users and tails_htp curl users?


It may be worse than what you are suggesting.

If iceweasel + Torbutton rarely, if ever, sends HTTP HEAD requests,
then we should probably not pretend to be Torbutton. Does it?