04/18/2016 (Mon) 09:25:41
This part is very simple: if you want anonymity you use Tor Browser, and you don't fuck with its default behavior (IOW, you do not alter it's fingerprint, otherwise you are reducing your anonymity set or, worse, deanonymizing yourself). Period.
Any other choice (currently) implies you don't really care much for your anonymity; which is not necessarily wrong in itself. For example, it might just mean that your threat model simply isn't that stringent, or "scary", so you don't actually need anonymity. (Actually, there are other arguments for demanding anonymity even if you think you, personally, don't need it. They relate to making population-scale monitoring and control harder and helping those that actually do need it by enlarging their anonymity set. So if you want to be a good net citizen, be anonymous!) If you are using any other browser (even if you tunnel it over Tor) then you *might* have location-anonymity (IP-anonymity), that is, of course, assuming you configured everything properly and don't have leaks. But you will still be (rather easily I bet) fingerprintable. Your IP might be hidden, and, if don't reveal yourself with poor opsec, your identity might not be immediately obvious, but it will be possible to correlate and link all your browsing sessions. This might, or might not, be enough to deanonymize you. (I hope you are able to see, then, the following corollary: using the same fingerprintable browser over Tor and on clearnet is the same as only using it over clearnet.) In the landscape of fingerpintable facets the user-agent string is such a small detail that it doesn't even matter if you change it or not, and, in fact, changing it, either statically or randomly, may very well make you even more fingerprintable because this could be yet another aspect that distinguishes you from the rest of the herd. Think about it: of the set of internet users who share all my _other_ fingerprintable facets, what percentage will also share with me this newly changed facet? IOW, by changing this facet (say the user-agent string) am I increasing the number of users who share it me? Or am I decreasing it, making myself more unique? And don't fool yourself thinking that a randomized facet is not fingerprintable: fingerprinting algorithms do not have to be stateless, they can remember and correlate apparently-discrete observation data-points. IOW, they can realize that you are wearing a scramble suit and simply put the "scramble suit" tag on you. OK, so now the question is, how many other users share the "scramble suit" facet with you while also sharing all your other facets? You see? This is the same question we were asking previously. Randomizing a facet does not defeat fingerprinting in any way, the very act of randomization becomes fingerprintable. (Also remember that your fingerprint is not the result of observing a single facet, but a combination of all observable facets.) So, in the end, the only defence against fingerprinting is to try and become as indistinguishable as possible from the largest possible group of anonymous users. So far it seems the best opportunity lies with the group of well-behaved Tor Browser users. (Read "well-behaved" as "non-idiotic": some people will even try to put Adobe flash on it.)