On Fri, May 10, 2019 at 11:40 PM Chris Peterson <cpeter...@mozilla.com> wrote: > I propose that Win64 and WOW64 use the unadorned Windows UA already used > by Firefox on x86 and AArch64 Windows: > > < "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 > Firefox/66.0" > > "Mozilla/5.0 (Windows NT 10.0; rv:66.0) Gecko/20100101 Firefox/66.0"
Would there be significant downsides to hard-coding the Windows version to "10.0" in order to put Windows 7 and 8.x users in the same anonymity set with Windows 10 users? (We could still publish statistics of Windows version adoption at https://data.firefox.com/dashboard/hardware ) > And that Linux omit the OS architecture entirely (like Firefox on > Android or always spoof "i686" if an architecture token is needed for UA > parsing webcompat): Do we have any anecdata of the Web compat impact of not having anything between "Linux" and the next semicolon? Is there any evidence that " i686" would be a better single filler for everyone than " x86_64" if something is needed there for Web compat? Do we have indications if "Linux" is needed for Web compat? According to https://docs.google.com/spreadsheets/d/1I--o6uYWUkBw05IP964Ee2aZCf67P9E3TxpuDawH4_I/edit#gid=0 FreeBSD currently does not say "Linux". (Chrome on Chrome OS does not say Linux, either, but does say "X11; ".) That is, could "X11; " alone be sufficient for Web compat? (I'm happy to see that running Firefox in Wayland mode still says "X11; ". Let's keep it that way!) Do we have an idea if distros would counteract Mozilla and restore the CPU architecture if we removed it? Previous evidence suggests that distros are willing to split the anonymity set for self-promotional reasons by adding "; Ubuntu" or "; Fedora". Is there a similar distro interest in exposing the CPU architecture? https://docs.google.com/spreadsheets/d/1I--o6uYWUkBw05IP964Ee2aZCf67P9E3TxpuDawH4_I/edit#gid=0 suggests making Firefox on FreeBSD say "Linux". Are there indications that the self-promotion interests of FreeBSD wouldn't override privacy or Web compat benefits of saying "Linux"? > I propose no change to the macOS UA string at this time. Removing > "Intel" now would not reduce any fingerprinting entropy (all modern Macs > are x86_64) and might risk confusing some UA string parsers. If AArch64 > MacBooks become a real platform, I propose we then remove "Intel" so > x86_64 and AArch64 macOS would have the same UA string: > > < "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 > Firefox/66.0" > > "Mozilla/5.0 (Macintosh; Mac OS X 10.14; rv:66.0) Gecko/20100101 > Firefox/66.0". Or they could have the same UA string by Aarch64 saying "Intel"... Meanwhile, could we make the system version number "10.14" (or whatever is latest at a given point in time) regardless of actual version number to put all macOS users in the same anonymity set? (Curiously, despite Apple's privacy efforts, Safari exposes the third component of the OS version number. Also, it uses underscores instead of periods as the separator.) > Here is a spreadsheet comparing UA strings of different browser and OS > architectures: > > https://docs.google.com/spreadsheets/d/1I--o6uYWUkBw05IP964Ee2aZCf67P9E3TxpuDawH4_I/edit#gid=0 The reference there to https://bugzilla.mozilla.org/show_bug.cgi?id=1169772 about exposing _some_ Android version number for Web compat says the reason not to make Firefox claim the same Android version for all users regardless of actual system version is that doing so would require bumping the version later: https://bugzilla.mozilla.org/show_bug.cgi?id=1169772#c36 It seems that for privacy reasons, we should claim the latest Android version for everyone even if it means introducing the recurring task of incrementing the number annually or so. -- Henri Sivonen hsivo...@mozilla.com _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform