Remove/Replace Generic Header Signature Filter
Dec. 19, 2011, 03:43 AM (This post was last modified: Dec. 19, 2011 03:44 AM by JJoe.)
Post: #4
RE: Remove/Replace Generic Header Signature Filter
As I understand things,
http://ip-check.info/description.php

JonDonym Wrote: The order and the content of the HTTP headers sent by your browser may be used to identify your browser type and to separate you easier from other web surfers.

The JonDonym server noted the order and content of some of the headers that my browser sent

JonDonym Wrote: The value shown here is a hash over the browser headers that are relevant for this.

and used that info to create a value aka signature. The value shows how such info might be stored.

JonDonym Wrote: Unfortunately, current web browsers do not allow to change the order of the headers sent by them. If you would like to reach the default values of JonDoFox, we therefore suggest you to use the Firefox browser. In the following, you see the recommended default values:

Generic header signature of Firefox
8ab3a24c55ad99f4e3a6e5c03cad9446
host
user-agent
accept
accept-language
accept-encoding
connection

Individual JonDoFox header signature
60b01cb7d790f6ab840104b525a79d6f
host
user-agent: Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/6.0
accept
accept-language: en-us,en;q=0.5
accept-encoding: gzip, deflate
connection

Some headers of requests passing through the JonDonym servers will have a specified order and content.
So to get lost in the JonDonym crowd when you aren't using JonDonym's servers, your browser needs to send as shown under "Individual JonDoFox header signature". Firefox (generic) sends headers in the correct order but you may need to spoof or change the user-agent, accept-language, and accept-encoding headers "to reach the default values of JonDoFox".

(Dec. 19, 2011 12:44 AM) costes Wrote: it means the browser throws the value of a hash depending on which browser version you are using.

I haven't found it with Wireshark.

(Dec. 19, 2011 12:44 AM) costes Wrote: I've tested different versions of Firefox and Safari and they all return different hash values according to the browser version. Using a similar version in different machines will throw the same signature.

That's not unexpected, especially when the machines' operating systems are the same or the Proxomitron is modifying headers. The relevant headers sent to JonDonym's server would change with the browser but maybe not with the machine.

(Dec. 19, 2011 12:44 AM) costes Wrote: It's possible to affect this signature by modifying or adding headers. If I could simply modify this hash by adding a few digits that would work great. I hope you can throw some example on how to do this.

You can't change the order of the headers. You can change their content. The Proxomitron can modify headers and some browsers allow changes.
But, I think you may be missing the point or I am?

I think JonDonym is trying to tell you to get lost in a crowd. I can only guess that they believe their headers provide the best crowd to hide in.

BTW, don't do anything that would make it worth somebody's time to find you.

HTH
[-] The following 1 user says Thank You to JJoe for this post:
costes
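The two signatures discussed in the post above, as an added example that is not part of the original post or JonDonym's code: it shows why reordering headers changes the generic signature while changing only the User-Agent value changes just the individual one. The MD5-over-joined-lines construction, the function names and the sample requests are assumptions made for illustration, so the digests will not match the values shown on ip-check.info.

```python
import hashlib

# Header names that enter the signature, and the subset whose values also
# count, both taken from the listing quoted in the post above.
RELEVANT = ("host", "user-agent", "accept", "accept-language",
            "accept-encoding", "connection")
VALUE_HEADERS = ("user-agent", "accept-language", "accept-encoding")

def parse_headers(raw):
    """Return [(lowercased name, value)] in wire order from a raw request."""
    headers = []
    for line in raw.split("\r\n")[1:]:      # skip the request line
        if not line:                        # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers

def _digest(parts):
    # Assumption: MD5 over newline-joined parts. The real construction is not
    # given on the page, so these digests will not match ip-check.info's.
    return hashlib.md5("\n".join(parts).encode()).hexdigest()

def generic_signature(headers):
    """Hash of the order of the relevant header names only."""
    return _digest([n for n, _ in headers if n in RELEVANT])

def individual_signature(headers):
    """Hash of name order plus the values of VALUE_HEADERS."""
    return _digest([f"{n}: {v}" if n in VALUE_HEADERS else n
                    for n, v in headers if n in RELEVANT])

def make_request(pairs):
    """Build a constructed sample request from (name, value) pairs."""
    return "GET / HTTP/1.1\r\n" + "".join(f"{n}: {v}\r\n" for n, v in pairs) + "\r\n"

# Constructed sample: header order and values as in the JonDoFox listing.
JONDOFOX = [("Host", "example.test"),
            ("User-Agent", "Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/6.0"),
            ("Accept", "text/html"),
            ("Accept-Language", "en-us,en;q=0.5"),
            ("Accept-Encoding", "gzip, deflate"),
            ("Connection", "keep-alive")]
# Same order, different User-Agent value (constructed).
OTHER_UA = [(n, "ExampleBrowser/1.0" if n == "User-Agent" else v) for n, v in JONDOFOX]
# Same values, Accept moved ahead of User-Agent (constructed).
REORDERED = [JONDOFOX[0], JONDOFOX[2], JONDOFOX[1]] + JONDOFOX[3:]
```

Headers outside the listed six, such as a cookie, are ignored by both functions, and the Host and Accept values never enter either digest.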