Ben Bucksch wrote: > System release > This is a huge security problem, since an attacker knows beforehand > and through all proxies, which kernel version the users uses, and can > place a directed attack. I suggest to remove the kernel version. > Current: uname -srm, e.g. "Linux 2.2.16-3 i686". > Proposed: uname -s, e.g. "Linux", or uname -sm, e.g. "Linux i686". > Personally, I prefer the former, but I can see the usefulness of the > latter, and the latter doesn't have security problems (that I would see). > Bug 57555 I would like to extend that to Windows: A "Win95" is just as revealing as a "Linux 2.0.5". I suggest to output only "Windows" or maybe "Win32" for all Windows platforms. However, this is much more likely to break sites. Anybody knows, what the sniffers look after? "Win"?
