Click to Install Secret Agent

Firefox Users; See Notes on Firefox Addon Signing

Latest version 1.35 (released 2016-12-22, Release Notes).

Please follow the installation instructions below carefully. Protect your right to communication privacy, security, and integrity. Stop Phorm.

MD5 Checksum: 9e1128e537b4ebfc2d22c7c86fb832cb

SHA1 Checksum: 454b3c3c88a309af67c6988feece15e78bf94040



Languages;

English

Jeg ville være taknemmelig, hvis du kan hjælpe mig med at forbedre oversættelsen til dansk

in Deutsch übersetzt (dank Anton, und Frank)

traduit en français (merci à Lambic )

Please contact me if you would be willing to contribute a translation, or improve an existing translation.

With every web request (or page load, or browser session), Secret Agent does the following things;

About Secret Agent

The Secret Agent Add On is another counter surveillance tool, from the same developers as Dephormation.

Secret Agent enhances the privacy of your web surfing, by rotating your browser's 'User Agent' identity with every web request (or every page load, or every browser session)... rather like the plates on Bond's famous DB5.

Randomizing your User Agent makes it a little harder for crooks, rogue ISPs, spies like Phorm, corrupt Governments, and other nasty surveillance/tracking threats to correlate your clicks on the basis of 'device fingerprinting'.

Secret Agent can also

randomise the 'Accept' header presented by your browser... further concealing the type of browser in use generate spoof HTTP proxy headers ('X-Forwarded-For' and 'Via') ... making your connection appear to originate from a random IP address, connecting via a chain of proxies. generate spoof ETags headers ('If-None-Match') with random values, preventing ETags being misused for tracking (but potentially preventing caching on untrusted sites). optionally, override incoming 'Last-Modified' headers to add a random time offset, preventing outgoing 'If-Modified-Since' headers being misused for tracking randomise your browser's Javascript navigator.oscpu value, making client side 'device fingerprinting' less effective. warn when HTTP requests are redirected to another server.

According to the EFF's Primer on Information Theory and Privacy;

"It turns out that, in addition to the commonly discussed "identifying" characteristics of web browsers, like IP addresses and tracking cookies, there are more subtle differences between browsers that can be used to tell them apart. One significant example is the User-Agent string, which contains the name, operating system and precise version number of the browser, and which is sent every web server you visit."

You can test your browser on the Panopticlick site. To see the headers sent by your browser, try the HTTP header viewer at EricGiguere.com. You can also test the add on against the BrowserSpy.dk site. If you want to see the effect on tracking by eTags, try enabling 'stealth mode' while viewing the Cookieless tracking demo on lucb1e.com.

Surveillance systems like Quantum Cookie/ FoxAcid/ Phorm use a "man in the middle" attack to hijack HTTP requests, and redirect your browser to third party controlled web servers. Secret Agent's hijack detection feature can warn you when such events occur, and override hostile requests with a tell-tale URL.

For best results, please read the instructions below in full before you use this add on. Secret Agent, used in combination with cookie blocking, script blocking, and anonymity networks like Tor, is likely to be particularly effective at preventing anyone tracking your web surfing.

Features

Secret Agent allows you to switch between 'stealth' and 'default' mode with a single click. Click on the Secret Agent toolbar button or add-on bar icon to toggle between 'stealth' and 'default' mode;

You can choose to change your browser headers once per request, once per page load, or once per browser session;

Secret Agent randomises your browser 'User Agent' headers by picking a value from a list. You don't have to use the standard User Agent list. In fact, I'd encourage you to customise the list, to better match (or hide) the general characteristics of the device you use. I normally replace the standard list with 2,000+ desktop user agents.

Alternatively a simple block of nonsense paragraphs works well... For example, you could use a block of text from Project Gutenberg or a list of Bond Films. Web sites will usually default to a fail-safe 'standards compliant' version of their content when they don't recognise your browser's User Agent headers. More commonly, web sites ignore your User Agent completely.

On whitelisted sites, you can choose to present the browser's default User Agent, or configure a User Agent override.

Tip; start with a small list of user agents, and build on it once you understand the effect that randomising your user agent has on your net surfing. For greater stability/ease of use, closely match the list of user agents to your real browser. If you want to conceal the type of browser you use, try a broader range of obscure user agents instead.

The same method is used to randomise your browser 'Accept' headers.

And likewise a list of Javascript navigator.oscpu strings can be configured (not shown in pictures above).

The ETag spoofing feature adds a random 'If-None-Match' header value to outgoing requests, making it impossible for sites to use ETags to track your net surfing. Note that spoofing ETags may impair caching on untrusted sites (but in general has very little impact on browser performance).

Optionally, incoming 'Last-Modified' headers can also be changed, adding a random time offset (max +0hrs/min -24hrs) to prevent 'If-Modified-Since' headers in outgoing requests being used for tracking. Again, this may impair caching on untrusted sites.

Random HTTP proxy headers ('X-Forwarded-For' and 'Via') are also added to every outgoing request, making the actual source of your web requests more difficult to determine.

An easy to use host whitelist feature allows you to specify the trusted web sites that will receive the real User Agent and no spoofed headers;

You can also specify whitelisted host names using wildcards. The '*' wildcard matches any character string, and '?' matches any single character (eg, *.secretagent.org.uk or www.s?cr?t?g?nt.org.uk).

A dynamic context menu item gives you convenient methods to add/remove sites from your whitelist.

The hijack detection feature of Secret Agent alerts you to attempts to redirect your browser to third party controlled web servers, and allows you to override them with a tell-tale URL.

Example default tell-tale image:

Secret Agent also offers a gratuitous EJECT button.

If you're considering installing the Secret Agent Add On, and concerned about online tracking, you might also like to consider the Dephormation Add On which is also available from this site.

Secret Agent is tested on SeaMonkey 2.35 on Windows 8, Pale Moon 25.7 on Windows 8, Firefox 1.5 to 42.0 on Windows XP/7/8, IceWeasel 3.0 to 10 on Debian Linux, Firefox 3.6 on Fedora, . Will install into SeaMonkey 2.x , Pale Moon 1.5 - 26.x, Firefox 1.5 - 42.x on any platform. Also works under Vista, Windows 7, Windows 8, Linux, Mac, and all other popular operating systems supported by SeaMonkey, Pale Moon, Ice Weasel, and Firefox. Secret Agent is compatible with other popular add ons like AdBlock Plus, NoScript, RequestPolicy, Self-Destructing Cookies, HTTPS Everywhere, Better Privacy, TrackMeNot, RefControl. And Dephormation.