To make it more private, that's another story. Poor Firefox actually tries its best not to make you identifiable in some superficial ways - e.g. lying about user agent in "obscure" OSes. My FF reports 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/blah Firefox/blah', and I am not on Windows. I don't remember enabling anything like this in any way so I assume it is the default behaviour. This is with "nothing" as an option for DNT btw (neither yes nor no).
Ultimately this is moot as you can't get around your font & rendering fingerprints that can be extracted from a hidden canvas element, but hey. Still better than serving it up in a platter.
> your local IP is actually going to be very unique for some people, more so than just having this "feature" disabled.
How so? It'll fall ion pretty standard ranges. I only find any use/value in it when combined with the remote IP + the rest of your env. characteristics.
When you have to delve into about:config to disable it, 99.99% of people will have it enabled. This + your remote IP would pretty much identify you just fine.
The user agent string is just a convoluted mess because websites started displaying content based on that string so newer browsers had to fake it so they would still work with these websites. User agents don't mean much nowadays because of this.
> Ultimately this is moot as you can't get around your font & rendering fingerprints that can be extracted from a hidden canvas element, but hey. Still better than serving it up in a platter.
I am not sure FF hides the real OS in user agents. Check about:config for general.useragent.override and if its value exists, then at some point you or a plugin specified an override.
To make it secure, disable all plugins.
To make it more private, that's another story. Poor Firefox actually tries its best not to make you identifiable in some superficial ways - e.g. lying about user agent in "obscure" OSes. My FF reports 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/blah Firefox/blah', and I am not on Windows. I don't remember enabling anything like this in any way so I assume it is the default behaviour. This is with "nothing" as an option for DNT btw (neither yes nor no).
Ultimately this is moot as you can't get around your font & rendering fingerprints that can be extracted from a hidden canvas element, but hey. Still better than serving it up in a platter.
> your local IP is actually going to be very unique for some people, more so than just having this "feature" disabled.
How so? It'll fall ion pretty standard ranges. I only find any use/value in it when combined with the remote IP + the rest of your env. characteristics.
When you have to delve into about:config to disable it, 99.99% of people will have it enabled. This + your remote IP would pretty much identify you just fine.
${witty_double-edged_sword_quote}