Improve Your Anonymity by Modifying Your HTTP Headers
June 6, 2008 – 2:33 pmUsing TOR or proxies just isn’t enough, because a peek at your HTTP headers will partially reveal your identity.
HTTP Headers reveals these details on every user:
- IP
- Remote Port
- Host
- Browser (User Agent)
- Accepted Language
- Cookies Enabled/Disabled
- Javascript Enabled/Disabled
- Screen Resolution
- Operating System
- Java Enabled/Disabled
- Anti-Aliased Fonts Enabled/Disabled
- Color Depth
- Number of Colors
- Pages in Browser History
- Locale
For this post we will be focusing on the bolded objects.
Browser - User Agent
Every browser has its own User-Agent. The user-agent is used to tell websites which browser I am using.
Some websites renders pages according to the client browser (to provide cross browser compatibility).
Another important detail that the User-Agent provides is the language of the browser. Firefox 3.0 (English version) user-agent looks like this:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0
If you would to install the Spanish version of firefox, the user-agent will look like this:
Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9) Gecko/2008052906 Firefox/3.0
Accepted Language
The accepted language header is your default input language which is set in the windows regional settings.
Control Panel -> Regional and Language Options -> Languages -> Details -> Default Input Language
Again, if this option is set to Spanish, the header that will be sent to the website is “Accept-Language: es-ES”
Locale
This header is also taken from the windows regional settings:
Control Panel -> Regional and Language Options -> Location
This header determines the country you live in.
All of these headers will reveal your real location (if set correctly).
If you are using a proxy, match the details of the proxy to the details listed in the HTTP Headers, otherwise it will partially reveal your identity, and expose the fact that you are using a proxy (even if the proxy is completely anonymous).
Here is an example of an obvious use of a proxy:
IP 80.201.243.108
Remote Port 1981
Host 108.243-201-80.adsl-static.isp.belgacom.be
Browser (User Agent) Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.9) Gecko/2008052906 Firefox/3.0
Accepted Language pt-BR
Cookies Enabled
Country —
Javascript Enabled
Screen Resolution 1024 x 768
Operating System Win32
Java Disabled
Anti-Aliased Fonts Disabled
Color Depth 32 Bits
Number of Colors 4294967296
Pages in Browser History 16
Locale pt-BR
Clearly, either the visitor has installed everything in portugeese, or he uses a proxy to hide his IP, but leaves other regional details intact.
If you are using Firefox, use the “Modify Headers” or the “Tamper Data” extensions to edit/hide your HTTP Headers.
6 Responses to “Improve Your Anonymity by Modifying Your HTTP Headers”
Don’t be rediculous. How is sending your locale, language and user agent string “revealing your identity”? That information is sometimes required to give you a page that actually works in your browser and that you can actually read. Somehow I fail to see the problem…
By Jason Borden on Jun 6, 2008
If you are using a proxy to hide yourself from webmasters, you should change these headers too, so the webmaster will not be able to know where are you located.
furthermore, if a webmaster sees a request from a ip located in belgium, but notices that the locale is BR, he will most likely think that your live in brazil but use a proxy located in Belgium
By AnonWatch on Jun 6, 2008
The latest betas of Torbutton(.torproject.org) take care of all this leaking info
By me on Jun 6, 2008
I really enjoy looking through your website
By casin virtuali on Jun 7, 2008
best site of its kind
By casino in linea italiano on Jun 7, 2008
I think the locale and language can compromise the anonymity in some degree. However, if only few users in your locale would go to this site, it would become a serious problem.
By ZXZ on Jun 8, 2008