Tool in the Spotlight: Random Agent Spoofer

This month’s Tool in the Spotlight: Random Agent Spoofer, a Firefox extension that gives you control over how your browser identifies to sites you visit.

Many sites create a fingerprint of you when you visit them. Usually, this information contains the ‘User Agent’ string, which (oversimplified) is a combination of the name of your browser, its version together with the name of your operating system with its version (this is much oversimplified, check out the wikipedia page for more info). This is useful information for those operating the sites you visit because it enables them to send you content that is specific to your browser. Specifically, if the site detects that you are visiting them using a mobile browser/device, it will send the mobile version of the site; if it sees a desktop browser or device, it sends the desktop version of the site.

However, with HTML5 and CSS3 in specific, websites no longer need to have multiple versions for different browsers, they can use “media selectors” to have the site render correctly instead.

The remaining use of the user agent string is being reduced to just fingerprinting you so that you can be uniquely identified based on what your browser tells the site it is and is capable of using a technique called browser fingerprinting. So even though you aren’t logged into the site, it knows it is you before you told it that it is you. Obviously, we are not a fan of this kind of thing. No-one should be forced to identify or legitimize themselves unless out of their own volition.

Enter “Random Agent Spoofer“, a tool that is part of the solution by changing the way your browser identifies to sites. It makes it super easy to select a particular browser and version you want to impersonate or you can set it up to change how it identifies every so often by itself. Once configured, there’s nothing you need to do.
Obviously, and similarly to other tools we highlight, this tool is not the one, single tool to use which will solve all your problems, but it adds to making it harder for sites to identify you as you visit them.
On top of that, Random Agent Spoofer gives you control over script injection, cookie behavior, headers sent to the site when you request it, etc… all making it harder for the site to figure out who you are (and make their efforts to do so, more frustrating and less accurate).

Check out the tool at https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/. This tool is an open source tool currently hosted on GitHub, which means that you can look at the source code and figure out what exactly it is that it does, and how it does it – if that’s your thing (it is for us).

NOTE: we are entirely unaffiliated with whoever produces this tool, we receive no compensation whatsoever from them.

Tool in the Spotlight: uMatrix

This month’s Tool in the Spotlight is another Firefox extension: uMatrix.

uMatrix is a tool we love because it puts you back in control of where your browser will connect to when you visit a web page instead of handing that control over to whoever created the web page. Without it, your browser will just connect to and download everything and anything the page tells it to connect to or download. uMatrix gives you back the control to specify what you want your browser to connect to (and thus spend your bandwidth on) and what you don’t want your browser to connect to.
The benefits of uMatrix are that it significantly enhances your security, privacy and greatly reduces your network usage (i.e. your browsing becomes faster since requests that are not made, are requests you don’t have to wait for).

By default, uMatrix works in a ‘relax block-all/allow-exceptionally mode’. What this means is that only ‘first party’ assets, namely those directly related to what you’re visiting, are allowed to be downloaded. Anything else that is attempted to be downloaded will be blocked.
In this mode, you’re really telling your browser to “go get this specific thing and make sure you get just that thing, don’t bother with anything else“. These ‘anything else’ could be third party scripts, trackers (like cookies, tracking pixels or any other analytics code), images, etc.
Sometimes this will break a web page that really does rely on these third parties, but you is easily fixed by the ‘allow-exceptionally’-part of this mode: the matrix lets you specify which types of assets (scripts, images, cookies, etc.) you are allowing to be downloaded from other places for this specific site. There is an excellent write-up at https://github.com/gorhill/httpswitchboard/wiki/How-to-use-HTTP-Switchboard:-Two-opposing-views about how to do this.

NOTE: we are entirely unaffiliated with whoever produces this tool, we receive no compensation whatsoever from them.

Tool in the Spotlight: youtube-dl

This month’s Tool in the Spotlight: youtube-dl, a command-line program to download videos from your favorite video site(s). It works on Linux, Windows and macOS.

This tool enables you to download (almost) any video from your favorite video site so you can watch it later or just keep a copy of it around. It has support for over 800 sites and that list is always growing. It has an extensive set of options you can give it, including proxy settings and, what’s very interesting for this kind of thing, geo-verification proxy settings that enables you to do location “correction” or spoofing.

You can get the source for the tool and instructions on how to install it or build it yourself at https://github.com/rg3/youtube-dl.

NOTE: we are entirely unaffiliated with whoever produces this tool, we receive no compensation whatsoever from them.