Using Fx 70 in Linux, but before today I spoofed the useragent string to show Win 10.0, hoping for better compatibility. "SFCU" is the only financial institution that ev…
Using Fx 70 in Linux, but before today I spoofed the useragent string to show Win 10.0, hoping for better compatibility. "SFCU" is the only financial institution that ever said (or cared??) my Fx was out of date. They let me log in after clicking, "I understand the risks - continue."
They didn't say which old version they detected, but warned of possible security issues. I doubt there are any, but I have no way of knowing what stupid things their site maintainers / code may do if they detect a really old browser.
I've read there are other ways to sniff the browser than a few "general.useragent..." prefs, but I'm no expert. Doubt they are, either.
They must use a contract vendor to run the site. It's been >> a month since 1st asked them to tell me what they use to sniff the browser, because it was up to date & "general.useragent.override" reflected that. Generally, their IT dept isn't very helpful. I had to call them to tell them to upgrade OpenSSL when the big bug surfaced while back, after ~ 90% of financial institutions had upgraded. They knew nothing of it. Still waiting for a "thanks for your help."
For grins, I entered a science fiction blended UA string just to see what their system would say: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Chrome/74.0.3729.169. Obviously, Chrome doesn't use Gecko engine.
So their site didn't complain about outdated browser or screwy UA string. Their site displayed the same as always. I purposely mixed & matched the string. In fact, I didn't change the UA string back to a valid one yet & this site is displaying OK.
One issue in using any browser in LInux (as useragent string) is a very small pool of users, increasing fingerprint ability. If I found out that most sites (if using desktops) work fine, even if you spoof the OS AND browser, there'd be a much larger group of Windows 10 / Chrome users vs. Linux / Fx users.
Tor Browser spoofs the OS (same for all users) but not the browser. Has anyone ever tried this - recently - to see how many sites broke?