Spoof your browser window size and other params not supported by tor team using random agent spoofer xpi extention for firefox. Keep in mind that you must install xpi from github and not from mozilla’s site which has cut version of the plugin.
If you’re using Tor Browser, what is recommended in Whonix documentation, then you don’t need this. On the contrary, it would make you stand out from other Tor Browser users.
What people fail to grasp–and I have seen this time and time again–is that there is a trade-off between two different types of security. On one hand there is the threat of drive-by-downloads and browser compromises and on the other hand there is the threat of tracking. The more a person tries to cumstomize their settings in order to prevent the former the more easily victimized they are by the latter.
Tor itself has decided that there is more to fear from tracking than browser compromises–that’s legitimate. It’s also legitimate to fear the reverse. It all depends on what one is doing on-line and hence what one’s threat model is. Personally, I find it a difficult question because, at least in theory, both can compromise one’s identity–just in different ways.
It does not really matter if your browser has unique fingerprint if your ip is hidden… If they don’t know who is that person they may only see what that anon is doing. But what matters is malware built into mozilla products. FOr the sake of fun open about:config and put the word mozilla and make search. You will see that tons of info is leaked to that godzilla reptile… via different updates, plugins and so on. Unlike that xombrero does not secretely leak any info to anyone if compiled the right way.
I am not among those who believe in tor anonymiry… And i am not the only one. You must use the proxy vpn chains from countries syria + cuba + hungary + north korea where usa J…s have no power. Still tor is a good means to overcome ip bans. But for serious work you are to acquire some very old pc and use those proxy chains with better own encryption algo.
THis is a good way also to break their databases because some 90 user-agents are assigned to your profile. If all people start doing it their database will blow up by 90 times and it will make additional load on their hardware and brains. 