Silo for Research (Toolbox) equips InfoSec professionals with powerful tools to securely and discreetly conduct online research. Operating within a disposable, cloud-based browsing environment, Silo for Research protects local machine resources while helping researchers avoid attribution exposure


To support misattribution, Silo for Research has the option to modify key browser fingerprint elements — such as the reported operating system, browser version/type, and language preferences. These adjustments can be configured centrally via the Browser Fingerprint Management panel in the Silo Admin Console, or applied in a more limited fashion directly within the Silo for Research browser session


Browser Fingerprint Management Definitions


Misattribution   the act of changing web server facing characteristics of your browser session, as a way to obfuscate your true identity, or to influence how web content is presented (e.g., Desktop vs Mobile). Within the context of Silo for Research, the characteristics that can be changed are geo-location, OS brand and version, browser type, version, and language

User Agent String (UAS) a s
tring of text passed to a web server at the beginning of an HTTP session to identify various attributes of a browser


More Info: Browser User Agent 
 


(IP) address Geolocation   the process of identifying a person’s location by IP address


More Info: https://support.authentic8.com/support/solutions/articles/16000027683



Language Settings  determines the default language displayed by the browser in the Accept-Language request-header



Technical Details
Options pertaining to Browser Fingerprint Management are available here: https://support.authentic8.com/support/solutions/articles/16000026579-how-to-create-a-toolbox-launcher

Egress Location

controls the server region where your Internet traffic emerges from

Browser Fingerprint

allows for the configuration of the User Agent string, platform (OS), language, and time zone

  1. UA String may be set to any of the preset values —or custom. Any valid UAS value is accepted in the custom field
  2. Platform may be set to Windows, macOS or Linux
  3. Language may be set to any language setting you like   
    1. More about Language Tags
    2. More about Accept-Language request-headers
  4. Time zone



Important: The default settings are set to apply the local Language and Timezone based on the egress node location


Configuration

Browser Fingerprint Management options can be managed within the Silo for Research (Toolbox) configuration pane within the Web Apps section of the Silo Admin Console. Additionally, it is possible to change the UA settings directly within an active Silo for Research session.

The policy to allow in-session changes to the UAS value is done through the Silo for Research Web App  shortcut configuration


Admin Console Settings

The following menu is shown in the Browser Fingerprint section of a Silo for Research web app:



If the settings are left as-is, the system will automatically use the default settings as defined by the native Linux operating system, along with the language and time zone of the selected egress node. The option to allow in-session changes to the UA string can be managed below.   

Click the Customize Browser Fingerprint checkbox to activate the Allow in session user agent switching option



The following options are available:

  1. User Agent choose one of the predefined UA settings, or select Custom User Agent to specify a custom Browser User Agent value
  2. Platform select from Windows, macOS or Linux
  3. Language enter a valid Language Tag
  4. Timezone select an appropriate or preferred timezone



In Session User Agent Changes

If in session user agent switching is enabled, end-users will be able to click the flag icon from the Toolbar, followed by Change. This will display a drop down list of available User Agent string values selecting a UAS entry will apply the change immediately




Browser Fingerprint Management and Misattribution Use Case

Non-attribution web browsing is the de-facto state for all Silo for Research sessions. When enabled, end-users have the option to change the characteristics of their browsing session in order to appear as something they are not. However, the intent of these features is not to guarantee complete misattribution in all scenarios. Rather, the intent is to make the changes sufficient enough to pass a cursory review of web logs, or other information to help avoid detection. This is especially true when Java or Flash are enabled in the browsing session


If properly configured, these technologies allow the web server to perform a more rigorous analysis of the web client attempting to establish a connection. Please note that a browser mismatch can be detected with websites that employ an advanced browser detection measure

For example: a Safari browser running on Windows, with certain Linux fonts installed. To a discerning eye, these would stand out and seem suspicious but at a cursory glance, they may go unnoticed 


Silo for Safe Access Native Environment

Both Silo for Safe Access and Silo for Research (Toolbox) sessions originate from Linux servers running a customized version of Chromium. The default settings are based on this environment when no custom Browser Fingerprint is specified


Native Language + Timezone Settings

Both Native Language and Timezone settings will be inherited from the egress node location. This promotes the most natural setting for the browser session




Please contact Support for any additional questions