Re: [Tails-dev] Faking htpdate user agent worth it?

Delete this message

Reply to this message
Author: Jacob Appelbaum
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Faking htpdate user agent worth it?
intrigeri:
> Hi,
>
> adrelanos wrote (30 Sep 2012 22:25:31 GMT) :
>> I am wondering about this line in /etc/default/htpdate:
>> HTTP_USER_AGENT="$(/usr/local/bin/getTorbuttonUserAgent)"
>
> FTR, this is left from the times when htpdate did run wget in the
> clear (without going through Tor).
>
>> Since you are also using curl and only download the header, does
>> faking the Tor Button user agent provide any additional benefit?
>> Couldn't the server quite easily distinguish from real Tor Button
>> users and tails_htp curl users?
>
> It may be worse than what you are suggesting.
>
> If iceweasel + Torbutton rarely, if ever, sends HTTP HEAD requests,
> then we should probably not pretend to be Torbutton. Does it?


The more software that pretends to be TorButton - the better, I think.

All the best,
Jacob