Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I can see Facebook guestimates the browser (hypothetical example, Epiphany-Web showing as Safari, other times accurate), and it knows we're running Linux vs. Redmond, but does it know our Linux distro/kernel/desktop environment?
Unless you obfuscate or fake your signature (available to any HTTP protocol server to which you connect) the basic information about your browser and operating system is available. One of my Linux machines presents as running Mozilla on WinNT4. I run a utility on another so that my signature changes ever hour. Such obfuscation can cause some poorly crafted sites to display improperly or break, so I do nothing of the kind on my working machines.
I also do not bother on my Pinebook Pro, since nothing out there really understands what the heck that is anyway.
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
What's more important to you, the fact that social network knows all your connections to people or the fact that social network knows which distro you use?
There are also forensic differences in certain parts of a TCP packet that provide good clues to the originating OS and at a lower level than the easily changed "user agent" in the browser.
There are also forensic differences in certain parts of a TCP packet that provide good clues to the originating OS and at a lower level than the easily changed "user agent" in the browser.
The OS and browser being used provide far less useful information than the contacts of the user. Facebook, Instagram, Twitter, et al all know every person you are or have been connected to. That is valuable information, and you give it to them freely by running their software. You can easily change devices, with different OS and browser, so that information is of little use to anyone. But knowing everyone you follow, or follows you, and every site you visit, is of considerable value, in multiple ways.
The OS and browser being used provide far less useful information than the contacts of the user.
Agreed.
Quote:
Originally Posted by sgosnell
You can easily change devices, with different OS and browser, so that information is of little use to anyone.
Disagree.
Knowing the use scenarios of the userbase is important. A few simplistic examples;
Are users using predominantly mobile devices?
Are they using the web interface on their mobile device in preference to any APP that's available?
Do we have legacy users that are using OLD devices / browsers?
This information allows companies to tailor and enhance their experiences accordingly to increase engagement which increases views / userbase / revenue / data.
Certainly knowing the OS and browser can be valuable to the site owner, and Google Analytics collects that. My point is, that information is of less use for attacks against the site visitors, and is not so easily connected to a specific person. All they get is an IP, the OS, browser, etc, but not necessarily the specific person using the computer. With a VPN they don't even get the IP. However, once the user logs in to the social media site, they know much, much more, and more use gives more connections. Generally, they know your name, your address, phone number, family member names, occupation, almost everything. That's why law enforcement and government security agencies go to them for information. Nobody knows more about you than Facebook, if you go there. Nobody. Except maybe Instagram which is a Facebook subdivision, and others very like it. I joined Facebook when it first started up at the behest of my daughter, for playing Scrabble online. After a short time I got suspicious and deleted my account and information. But I'm pretty certain it all still exists, and will forever, and has been sold millions of times. Knowing the browsing habits of the average customer is one thing, knowing almost everything about specific users is something else.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.