[squid-users] how to avoid browser finger printing using squid3

Amos Jeffries squid3 at treenet.co.nz
Fri Mar 6 05:06:19 UTC 2015


On 6/03/2015 5:11 p.m., vin_krish wrote:
> Hi all,
> 
>         Can we avoid browser finger printing using squid 3..? Please help
> me.

Yes and no. But mostly no.

Yes in that Squid adds/removes headers for its normal operation and that
can be extended to remove or change browser details.


No because;
 Firstly, the very act of avoiding fingerprinting is itself a
fingerprint signature.
 Secondly, even if you manage to completely mangle all fingerprint
details from the HTTP layer the browser AJAX/XHR or WebSockets
functionality has the ability to send browser info directly to the
server using encoded payloads - and is not limited to using HTTP for
that action either.
 Thirdly, the browser signature is not just what can be found in one
message but the collection of things it can (or not) do over teh whole
period in which its being fingerprinted - which brings you back to the
first problem.

If you have a set of particular things you want to do to alter your
fingerprint we can probably help wth that. But advice beyond that is
tricky - your situation WILL be different from others.

Good Luck.

Amos



More information about the squid-users mailing list