Random Agent Spoofer randomizes identifiable information in Firefox
Whenever you connect to a website, information are transferred to the server the site is hosted on as well as to third-party servers if scripts hosted on other servers are also loaded when the site is opened in your browser.
What is transferred depends on a number of factors, for instance if scripts are allowed to run automatically, or if you have certain plugins installed in the browser or not.
You can read more about browser fingerprinting here if you like, or head over to one of the Internet services that displays what your browser reveals about you.
You do have options to control what is being revealed about your browser. You can disable plugins and other features that you do not need, run the awesome script blocker NoScript, or use extensions that randomize what is being revealed to sites.
Update: Random Agent Spoofer is not compatible with Firefox 57 or newer. Chameleon is a port of the extension which you may use. It replicates most of the functionality and is compatible with Firefox 57 and newer.
Random Agent Spoofer
Random Agent Spoofer is a sophisticated browser extension for Mozilla Firefox that offers to randomize identifiable information for you.
It goes beyond extensions that let you switch the user-agent of the browser, or switch to a very common user-agent, as it can not only do that, but also change other privacy related settings to prevent additional data leaks. Plus, it can randomize profiles in intervals as well.
The extension adds an icon to the main toolbar of Firefox that you can use to open its preferences (left-click), or enable a new profile (right-click).
It will select a random profile from all that it supports by default, but you can limit that to desktop profiles only to improve compatibility with websites that may check the user-agent and block or limit services based on it.
One interesting feature here is the ability to change profiles on schedule, so that a new profile is automatically selected after a set amount of time has passed.
As far as other privacy options are concerned, it supports the following:
- Use standard font set.
- Disable local dom storage.
- Limit tab history to 2.
- Disable browser cache.
- Disable geolocation.
- Disable link prefetching.
- Disable DNS prefetching.
In addition to all that, it is also offering header spoofing options that you can enable as well:
- Send spoofed "If-None_Match" headers (ETags).
- Send spoofed "X-Forwarded-For" headers.
- Send spoofed "Via" headers.
- Spoof accepted documents.
- Spoof accepted encoding.
- Spoof accepted language (US English).
As you can see, there is a lot that you can spoof, hide or disable besides the user-agent of the browser.
Closing Words
The main feature that sets Random Agent Spoofer apart from other privacy related extensions that aim to hide or spoof user data is the ability to set a timer to change the profile based on intervals that you select.
While it is necessary to make sure that other browser related features are blocked from being reported to websites, plugins that you do not use come to mind, or making sure that plugins that you do use are set to click-to play, it is without doubt the most advanced spoofing add-on for Firefox at the time of review.
I´m using Dolus to spoof my ip address (just for fun, because sometimes it does not work), No Script, Flag Fox, Self Destructing Cookies and User Agent Switcher. My about:config settings: Referer = disabled, Geo ip = disabled, Dom = disabled, Clipboard = disabled, Flash = click to play. I think I got it covered for now.
Is there any way to stop sites seeing what plugins I have installed in Firefox?
I think click to play does that.
Websites are still able to detect my active AND disabled plugins, despite my FF’s settings as follows:-
• about:config > plugins.click_to_play = true (default)
• All active plugins => ‘Ask to Activate’
• All unwanted/ disabled plugins => ‘Never Activate’
How would this compare to Secret Agent add-on? https://www.dephormation.org.uk/?page=81
How does it compare? I guess I can answer that in part (I wrote Secret Agent).
Secret Agent has been in development since 2011. Random Agent Spoofer seems to have been modeled on the features of Secret Agent, but created around January 2014.
Both quality pieces of software. But different.
Where they differ, Random Agent Spoofer aims to use a battery of plausible profiles, where Secret Agent opts for a completely random semi-plausible (or even wholly implausible) browser profile.
Secret Agent provides for a whitelist capability, integrated into the context menu, allowing you to drop your guard automatically on trusted sites. Using Secret Agent, you can present a custom browser profile to whitelisted sites, allowing you to (for example) mimic Internet Explorer rather than reveal your actual web browser.
Secret Agent also includes localizations for English, French, German, and Danish.
Unfortunately you won’t find Secret Agent on AMO. I’m not a big fan of AMO.
regards
Pete
http://www.secretagent.org.uk
@Pete — I am unable to access the official Secret Agent website despite 3 page refreshes, because the website seems to be configured to totally block my ISP (HTTP 403 Forbidden). I think it’s because the SA website thinks my IP(s) is/are spamming it, even though today is the first time I’d ever visited the website.
Could you consider adding Secret Agent to AMO (which I can access) ? Alternatively, I would be very grateful if you can unblock my State-proxied IP address(es)**, or unblock all the ISPs at my location, or try detecting my real IP address.
** For info, I’m located where the State’s censorship laws make it mandatory for all ISPs to tunnel its users through transparent proxies which issue dynamic IPs. Hence, not only is the relatively small range of proxied-IP addresses shared by tens of thousands of users at my location, the ISP’s proxies also make HTTP requests appear to come from multiple IPs.
There is a even a special note at Wikipedia about the IP ban/ entire ISP ban faced by internet users at my location. Double whammy: The fascist State bans us from accessing “inconvenient/ objectionable” websites (yes, there is an officially-disclosed list of banned websites, & I’m sure, an undisclosed list as well), while certain websites (even if not banned by the State) block innocent users like us.
They seem to share several features. What I like about Secret Agent is that you can add a host whitelist to it. What I do not like is that it is not hosted on AMO.
Agree on both points. I have supported a request on Github to add the whitelist feature to RAS.
Even with this extension my browser shows as unique by
https://panopticlick.eff.org/
Shows all real fonts, browser, screen size and plugins.
I see no change with or without this extension and I highlighter almost all options.
The browser may show as unique, but that is not a problem if you switch between different profiles regularly.
For some reason it’s not working for me, FF28, ghacks and whatismybrowser both say it is reporting no user agent detected whatsoever with this addon installed and enabled, checked about:config for any issues/restarted/cleared the browser to no avail. Hmm
If you select the profiles manually, you need to set the spoofing to enabled manually.
Thanks for the response but pushed all the buttons multiple times, are you also running Preferences Monitor? I think it might be something with that, in the error console, even when I get the pop up that says a new profile has been applied, it says no new value is added to the “new” value.
I’m not running it, have you tried disabling Preferences Monitor to see if it is causing the issue?