Google Chrome User-Agent Extension
Christian Schaller
cschalle at redhat.com
Mon Sep 28 15:42:05 UTC 2015
I talked to the Wikipedia sysadmin some time ago and there is a plan
to switch to a new system which should be kept up to date more regularly.
In general I think the browser vendors response to concerns about the
user agent is to suggest using incognito mode.
Christian
----- Original Message -----
> From: "Michael Catanzaro" <mcatanzaro at gnome.org>
> To: desktop at lists.fedoraproject.org
> Sent: Monday, September 28, 2015 11:39:31 AM
> Subject: Re: Google Chrome User-Agent Extension
>
> On Mon, 2015-09-28 at 10:42 -0400, Stephen Gallagher wrote:
> > This bug was just brought to my attention:
> > https://bugzilla.redhat.com/show_bug.cgi?id=1266569
> >
> > It appears that this extension is now installed by default on the
> > Fedora Workstation release. I don't personally have a problem with
> > this, but could someone please point me to where the decision was
> > made
> > and discussed so I can update the BZ and close it out?
>
>
> It's to allow sites to collect of statistics on the number of Fedora
> users, in particular Wikimedia [1]. (But notice the big red warning at
> the top of the page, about that report not being maintained. I wonder
> if we are still using this or not.) Note that for Firefox and
> WebKitGTK+, we simply used patches rather than browser extensions.
>
> The disadvantage is that it does of course make your browser
> fingerprint more unique, which caused me to hesitate at first, but I
> think the privacy concerns are quite minimal. Servers already know
> you're using non-Ubuntu Linux, which is a very, very small class of
> users. [2] is very likely to show that your browser fingerprint is
> unique (or almost unique) with or without Fedora in the user agent. And
> none of that matters, because sites can use several forms of
> supercookies (e.g. using HSTS database abuse, or using IndexedDB;
> probably also with WebSQL or localstorage, not sure) to identify you
> uniquely irrespective of any of this. The only possibly-significant
> harm is that it informs the server that you're using Fedora rather than
> some other distro. We can debate whether that should be kept private by
> default, but I don't think so. :)
>
> [1] https://stats.wikimedia.org/wikimedia/squids/SquidReportOperatingSy
> stems.htm
> [2] https://panopticlick.eff.org
>
> --
> desktop mailing list
> desktop at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/desktop
More information about the desktop
mailing list