Comment on What's going on with User Agent strings?:

There is a method for identifying browser/platform that is much more reliable than UA/CH headers. It’s browser fingerprinting via feature testing. One need not look much further than the MDN compatibility tables to devise a method of detecting specific browsers. I’m willing to bet that there are multiple bits of information unique to Chromium on Windows 11 too.

See: https://coveryourtracks.eff.org/

The EFF’s Panopticlick is open source and the anti-fingerprinting code of browsers is open source. There are likely many relevant projects easily discoverable on GitHub as well. For proprietary methods, spending some time reverse engineering WAFs such as Cloudflare can’t hurt. Cloudflare goes as far as to weigh low-level networking protocol parameters into its bot score rating system, i.e., TCP and TLS properties such as cipher parameters and protocol extensions (signature algorithms). The browser/platform/CPU combination of your system will result in a different TLS configuration, and Cloudflare does a good job at using AI to learn/filter its traffic.

Some random site (https://amiunique.org/fp) correctly identifies the Linux kernel version I’m using, etc. etc. I also think Nmap deserves a mention.

There’s more than enough information to correctly identify the browser/platform. There may very well be enough information to make fingerprinting more reliable than IP addresses.

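An added illustration, not part of the comment above and not Cloudflare's own scoring: a JA3-style fingerprint (a publicly documented method) computed over parsed ClientHello fields, then checked against the browser family the User-Agent claims, which is how a defender spots a client whose TLS stack contradicts its UA string. The ClientHello values, the `KNOWN` table and all helper names are constructed for this example.

```python
import hashlib

# GREASE placeholders (RFC 8701): 0x0a0a, 0x1a1a, ... 0xfafa. JA3 ignores them.
GREASE = {0x0A0A + 0x1010 * i for i in range(16)}

def ja3_string(hello):
    """JA3 input: version,ciphers,extensions,groups,point_formats (decimal)."""
    def join(values):
        return "-".join(str(v) for v in values if v not in GREASE)
    return ",".join([str(hello["version"]), join(hello["ciphers"]),
                     join(hello["extensions"]), join(hello["groups"]),
                     join(hello["point_formats"])])

def ja3_hash(hello):
    # MD5 is used here only as a compact identifier, as JA3 defines it.
    return hashlib.md5(ja3_string(hello).encode()).hexdigest()

def claimed_family(user_agent):
    """Coarse UA parse (hypothetical helper); tokens checked in a fixed order."""
    for token, family in (("Firefox/", "firefox"), ("Chrome/", "chromium"),
                          ("curl/", "curl")):
        if token in user_agent:
            return family
    return "unknown"

def ua_matches_tls(user_agent, hello, known):
    """True if this TLS fingerprint was previously seen for the claimed family."""
    return ja3_hash(hello) in known.get(claimed_family(user_agent), set())

# Constructed sample ClientHello fields (illustrative, not captured traffic).
# Extension 13 is signature_algorithms; 771 is the 0x0303 legacy version field.
CHROMIUM_HELLO = {"version": 771, "ciphers": [0x2A2A, 4865, 4866, 4867, 49195],
                  "extensions": [0x1A1A, 0, 23, 65281, 10, 11, 35, 16, 13, 43, 51],
                  "groups": [0x3A3A, 29, 23, 24], "point_formats": [0]}
SCRIPT_HELLO = {"version": 771, "ciphers": [4866, 4867, 4865, 49196],
                "extensions": [0, 11, 10, 13, 43, 51],
                "groups": [29, 23, 24, 25], "point_formats": [0, 1, 2]}

# Hypothetical allow-list, as if learned from traffic already known to be genuine.
KNOWN = {"chromium": {ja3_hash(CHROMIUM_HELLO)}, "curl": {ja3_hash(SCRIPT_HELLO)}}
```

A `False` from `ua_matches_tls` is a signal to weigh alongside others, not proof of automation: a fingerprint table goes stale as browsers update, and clients that vary their extension order produce many distinct JA3 values.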