[Freedombox-discuss] How efficient is the freedombox privoxy?
Petter Reinholdtsen
pere at hungry.com
Mon Aug 26 18:25:57 UTC 2013
[Tim Retout]
> Here's a relevant upstream bug (from 2012):
>
> http://sourceforge.net/tracker/index.php?func=detail&aid=3539129&group_id=11118&atid=211118
Thanks. Not much activity there. Perhaps someone should suggest to
sort the sortable lists to at least make sure the ordering can not be
used to identify a given machine among those with the same set of fonts
and plugins?
> (Side note: Interesting tracking using HTTP etags:
> http://lucb1e.com/rp/cookielesscookies/ - there are probably limits on
> how anonymous we can make ourselves without breaking caching. In my
> browser, the uniquely identifying factor is the list of system fonts,
> so who knows how far we'll have to take this!)
If I remember correctly, the font list returned by browsers is in the
order the fonts show up in the font path, including the order each
dirent have in the font directories, causing the ordering to be a
function of the order each font package was installed on the machine in
question. I suspect sorting the font list would ensure people with the
same fonts installed will submit the same list to the web browsers, but
have not investigated this.
> An easy first step could be to ensure that the user-agent header is
> being replaced with something "ordinary". This will potentially break
> sites using useragent sniffing.
Sound to me like the wrong place to start, given the popularity of
useragent sniffing. :/
> FreedomBox's privoxy takes the normal privoxy tarball, and adds a
> bunch of rules taken from HTTPS Everywhere and Adblock Plus. I am
> concerned that these changes are not yet in a form where they can be
> included as patches in Debian's privoxy package.
Did you discuss it with the Debian provoxy maintaner?
--
Happy hacking
Petter Reinholdtsen
More information about the Freedombox-discuss
mailing list