Opened 15 months ago

Closed 15 months ago

Last modified 15 months ago

#27671 closed defect (duplicate)

User-agent OS info leak

Reported by: time_attacker Owned by: tbb-team
Priority: Immediate Milestone:
Component: Applications/Tor Browser Version:
Severity: Blocker Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tor Browser 8.0 on Linux has user-agent
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0

This behavior can aid fingerprinting or vulnerability exploitation.

Tor Browser 7.x.x and before had one single Windows user-agent even on Linux platforms, only Android (Orfox) had other UA.

Child Tickets

Change History (3)

comment:1 Changed 15 months ago by traumschule

Resolution: duplicate
Status: newclosed

Hi time_attacker, you are late to the party, but you can easily catch up if you want: #26146

comment:2 Changed 15 months ago by time_attacker

I suspect Windows/MacOS version is leaked through UA.

comment:3 Changed 15 months ago by time_attacker

Why did the Tor Browser team release Tor Broswer 8.0 with such a critical bug?

Note: See TracTickets for help on using tickets.