It is trivial to identify OS platform because browser work differently on each platform. Wjat Librewolf does with useragent on Linux actually is makes users stand out more because it isn’t what privacy.resistFingerprinting (RFP) reports on normally.
Hackers (like the comment scenario i was responding to) are substantially more likely to employ platform fingerprint than trust a fale useragent. And loads general websites employ fingerprinting, meaning deviation from default RFP behaviour makes you stand out (more than you already do by using RFP since it is a small pool already).
Agreed, I’m not saying it’s impossible to detect the OS, but it’s even more trivial for an adversary to regex the User Agent and serve the malware for that OS. The average user doesn’t even know what a User Agent is, and that’s who the drive by malware websites are counting on to infect because they’re easy targets.
Just like a real fingerprint, that will only identify the fingerprint to a person, not tell you that the fingerprint is from someone who is European. Fingerprints are used to track you across different websites, and build a profile of you for advertising.
My logic was that it is much more likely that someone will spoof there useragent already if they are on Linux. If threat actor is targeting not just Windows but also Linux, they probably would understand the very real likelyhood of platform spoofing.
It is trivial to identify OS platform because browser work differently on each platform. Wjat Librewolf does with useragent on Linux actually is makes users stand out more because it isn’t what privacy.resistFingerprinting (RFP) reports on normally.
Hackers (like the comment scenario i was responding to) are substantially more likely to employ platform fingerprint than trust a fale useragent. And loads general websites employ fingerprinting, meaning deviation from default RFP behaviour makes you stand out (more than you already do by using RFP since it is a small pool already).
Agreed, I’m not saying it’s impossible to detect the OS, but it’s even more trivial for an adversary to regex the User Agent and serve the malware for that OS. The average user doesn’t even know what a User Agent is, and that’s who the drive by malware websites are counting on to infect because they’re easy targets.
Just like a real fingerprint, that will only identify the fingerprint to a person, not tell you that the fingerprint is from someone who is European. Fingerprints are used to track you across different websites, and build a profile of you for advertising.
Yeah okay.
My logic was that it is much more likely that someone will spoof there useragent already if they are on Linux. If threat actor is targeting not just Windows but also Linux, they probably would understand the very real likelyhood of platform spoofing.