Hi,
On the subject of generic and easy to maintain fixes, we may also want
to investigate using Privoxy:
http://www.privoxy.org/user-manual/actions-file.html#HIDE-USER-AGENT
Effectively, I think that means we'd want to have privoxy running on
the system rather than polipo and that we'd want to have it have the
following configuration value:
hide-user-agent{Mozilla/5.0 (Windows NT 6.1; rv:24.0)
Gecko/20100101 Firefox/24.0}
If we consider
https://trac.torproject.org/projects/tor/wiki/doc/PrivoxyConfig
we may want a configuration file like so:
forward-socks4a / 127.0.0.1:9050 .
confdir /etc/privoxy
logdir /var/log/privoxy
logfile logfile
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
enable-remote-http-toggle 0
buffer-limit 4096
hide-user-agent{Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101
Firefox/24.0}
We may want additional listeners and of course, if we don't configure
the user agents, we'll leak a lot of User Agent data that privoxy
won't replace inside of SSL/TLS connections.
All the best,
Jacob
