0

As part of my efforts to thwart fingerprinting, I used Google Bard to tell me how to randomize my HTTP accept headers with Requestly. However, when I go to https://amiunique.org to check my accept header, it doesn't change. What am I doing wrong and what should I be doing?

Screenshot of Requestly

Here is the override value: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7

Destroy666
  • 5,299
  • 7
  • 16
  • 35
GodOfWisdom3141
  • 1
  • 2
  • 2
    Google Bards suggested solution isn’t technically correct. This is the reason OpenAI generated content shouldn’t be trusted. – Ramhound Aug 15 '23 at 22:02
  • 1
    Hello, I don't see anything on the screenshot that would attempt to randomize something. What does "randomization" here mean exactly anyways? What's the pool of headers that should be considered? Are you also talking about Requestly app or browser plugin? – Destroy666 Aug 15 '23 at 22:20
  • @Destroy666 I am using the browser extension. What I mean by randomization is that Requestly should randomly select a header from a list of valid headers. – GodOfWisdom3141 Aug 15 '23 at 22:27
  • 3
    Surely if you want to thwart fingerprinting then a random fingerprint is counterproductive? Having the most absolutely generic fingerprint makes their data useless, having a random fingerprint would make you somewhat unique and potentially identifiable. If a series of absolutely unique fingerprints can be tied to a single IP address then that's almost as good as yelling "IT'S ME AGAIN" while having a generic fingerprint would allow you to hide in the crowd. – Mokubai Aug 15 '23 at 22:28
  • I don't see anything in the extension that would let you enter multiple values in the 1st place, let alone randomize them. – Destroy666 Aug 15 '23 at 22:31
  • @Mokubai I didn't think of that, thanks for the advice. Although, what if I use a VPN? – GodOfWisdom3141 Aug 15 '23 at 22:32
  • @Destroy666 What should I do then? – GodOfWisdom3141 Aug 15 '23 at 22:37
  • Setting a basic one like suggested above could work. Otherwise not much you can do with this extension. – Destroy666 Aug 15 '23 at 22:44
  • The kind of "random" solution [hallucinated](https://en.wikipedia.org/wiki/Hallucination_(artificial_intelligence)) by your "AI" is the same kind of random as https://xkcd.com/221/. It may well be a random string, but it was chosen once and has no programmatic rules that are parsed by the application to produce an output. You are setting a header to a fixed value and nothing more. If you want a true random header then you'll probably have to pay a real programmer to write an extension for you rather than trusting that AI is not simply [confidently wrong](https://youtu.be/ZZoT005p8ko). – Mokubai Aug 15 '23 at 22:46
  • 1
    Using a VPN does not necessarily provide any level of anonymity or random uniqueness. VPN endpoints are trivially discovered and mapped, and again, with even a casual skim of data you could pick out unique fingerprints among crowds of generic users from them, but as you are using a VPN you have potentially marked yourself as more than just a "normal" user and your unique random fingerprint is even more of a red flag. You use VPNs to mask your original IP address and allow you to bypass restrictions between you and the internet, not to make yourself appear as "just another guy on the internet." – Mokubai Aug 15 '23 at 22:59

1 Answers1

0

You can add a random number in the Header value using predefined rq_rand(num_digits) function.

Here is the source code on Github - https://github.com/requestly/requestly/blob/master/browser-extension/mv2/src/modules/PreDefinedFunctions.js#L13

If this works for you, you can try something like this

Request Header - Accept

Value (Add rq_rand(4) as suffix in the header value)

text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7;rq_rand(4)

Sachin Jain
  • 431
  • 3
  • 15