Understand the results

1 - Introduction:

Your browser accesses the websites you visit using the HTTP protocol (see RFC 2616).
This protocol includes some standard headers which send out information about your computer, such as your browser name and version, your operating system, etc.
This information can be used for good purposes by legitimate websites (for example, determining your language and redirecting you to the page in that language), but it can also be used for malicious purposes.


2 - What can the information in the HTTP headers be used for?

Transmitting this information can have undesired effects.

A website could collect this information and cleverly determine where you live, which browser version and operating system you are using, guess your ISP, determine the version numbers of certain programs you use, etc. At worst, the information collected could let a malicious hacker know which vulnerabilities your browser or OS is exposed to; it could let the hacker locate you geographically (the Internet should be anonymous), and sometimes even determine some of the programs you have, including their version numbers (some programs modify the HTTP headers and put their signature in them, which means they can be identified).

Once this information is collected, it is easier for someone malicious to use an exploit against you (this method is currently used to choose the correct exploit and infect you automatically), or simply to learn things about you or your machine that you were not aware you were making available.

If you are in a corporation, a proxy may reveal your LAN client IP, which you probably don't want revealed. This can give a potential attacker confidential information about your network, the proxy software and version you use, etc.

3 - Privacy vs. Usability:

As stated above, some HTTP headers can be used legitimately to customise the website you are viewing to your language or browser. For instance, when you try to install the Macromedia Flash Player plugin, it redirects you to the correct plugin for your OS and browser.

However, depending on your own evaluation, it can be considered at least a privacy intrusion, and at worst as providing a potential attacker with very useful vulnerability information.

By restricting or modifying some of the information transmitted in the HTTP headers, you can increase your privacy; however, this may affect the functionality of some websites. The balance between privacy, security and usability is up to you.



4 - What is the best defense?

The best defense, above all else, is to keep your programs, web browser and OS up to date. Then you will not be vulnerable to attack via known, patched vulnerabilities; even when the aforementioned information is transmitted, it cannot be directly harmful, because you cannot be directly attacked.

Then, and only then, if you determine that this information constitutes a privacy violation and you wish to improve your privacy, you can alter or delete these HTTP headers using various programs.
You can use a program which acts as a local software proxy on your machine, between your browser and the Internet, and which is able to intercept and modify the HTTP headers.
However, you can't modify your IP address, since it needs to be correct for the website's data to come back to you. If you do wish to hide your real IP address, you can use a dedicated anonymous proxy server on the Internet; this will obviously have a different IP from yours, and will hide any identifying information in the HTTP headers.
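As an added example (not the author's code), here is how a practitioner could check a request for the revealing headers discussed above and see what a local filtering proxy like the one just mentioned could send instead. The request, the proxy host names and the LAN IP are constructed, and the generic User-Agent replacement is an arbitrary choice:

```python
# Added example (not from the original article): parse a raw HTTP/1.1 request,
# list the headers that reveal client details, and rewrite them the way a local
# filtering proxy could. Header names are standard; all values are constructed.

# Constructed request, as a browser behind a corporate proxy might send it.
SAMPLE_REQUEST = (
    b"GET /index.html HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0\r\n"
    b"Accept-Language: fr-FR,fr;q=0.8,en;q=0.5\r\n"
    b"Referer: http://intranet.example.corp/portal\r\n"
    b"Via: 1.1 proxy1.example.corp (squid/3.5.27)\r\n"
    b"X-Forwarded-For: 10.20.30.40\r\n"
    b"Connection: keep-alive\r\n\r\n"
)

# Revealing request headers: what each one gives away, and what a filtering
# proxy could send instead (None = drop the header entirely).
REVEALING = {
    "user-agent": ("browser, version and operating system", "Mozilla/5.0 (compatible)"),
    "accept-language": ("preferred language, hinting at where you live", "en"),
    "referer": ("page you came from, possibly an internal URL", None),
    "via": ("proxy software and version", None),
    "x-forwarded-for": ("LAN client IP behind the proxy", None),
}

def parse_request(raw: bytes):
    """Split a raw request into (request line, {lowercased header name: value})."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    request_line, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return request_line, headers

def find_leaks(headers):
    """Return {header: what it reveals} for each revealing header present."""
    return {h: info[0] for h, info in REVEALING.items() if h in headers}

def scrub(headers):
    """Drop or replace revealing headers, keep the rest (the source IP is not a header)."""
    out = {}
    for name, value in headers.items():
        if name in REVEALING:
            replacement = REVEALING[name][1]
            if replacement is None:
                continue              # header dropped
            value = replacement       # header value replaced
        out[name] = value
    return out
```

Running find_leaks on the parsed sample lists all five revealing headers; after scrub, Via, X-Forwarded-For and Referer are gone, User-Agent and Accept-Language carry generic values, and Host and Connection are untouched.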

5 - Conclusion:

By browsing the Internet, you inadvertently send out some information about yourself; that is a fact.
I am not saying that this is a bad thing; as said, it is part of the HTTP protocol standards, and it has legitimate uses.
The fact that it can be used maliciously should not undermine the legitimate uses.

However, depending on your opinion, you may wish to alter the standard information transmitted to match the privacy level you want.
It is really up to you to balance your privacy against your browser's usability. Most of the websites you visit won't complain if you tell them you are using a Lynx browser from an Xbox console "OS", going through a PlayStation proxy (totally bogus, of course); but some websites will block you, telling you that you must use Internet Explorer...



Guillaume Kaddouch.