Everybody Lies

Slide 1

the 8 minute version that contains none of that boring shit and just the jokes and weird stuff s e i l y d o b y er v e fronteers conference — jam sessions, october 6th 2016

Slide 2

: g n i n war this talk is full of lies and deception

Slide 3

Slide 4

… s ye this talk is about browser sniffing

Slide 5

? y h w

Slide 6

browser sniffing is dirty

Slide 7

you should use feature detection

Slide 8

: s er op l e v e D b e W Dear d i p u t S s i g n i f f i n S er s Brow http://www.webstandards.org/2002/12/20/dear-web-developers-browser-sniffing-is-stupid/

Slide 9

er s ow r B y h W s on s a e 5R s k n i t S g n i f f i n S https://www.sitepoint.com/why-browser-sniffing-stinks/

Slide 10

everybody uses browser sniffing

Slide 11

Slide 12

… y h w is browser sniffing so difficult?

Slide 13

things started out simple

Slide 14

Mosaic Mosaic/0.9

Slide 15

Netscape Navigator Mozilla/1.0 (Win3.1) code name of the browser

Slide 16

but it quickly started to get complicated

Slide 17

Internet Explorer Mozilla/1.0 (compatible; MSIE 1.0; Windows 95) compatible with Netscape Navigator 1.0

Slide 18

Opera Opera/10.00 (Windows NT 5.1; U; en) Presto/2.2.0

Slide 19

Opera Opera/9.8 (Windows NT 5.1; U; en) Presto/2.2.0 Version/10.00 real version of the browser

Slide 20

Firefox Mozilla/5.0 (Windows; U; Windows NT 6.0; en; rv:1.9.1) Gecko/20090624 Firefox/3.5 build date of the rendering engine

Slide 21

Firefox Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 build date is no longer updated

Slide 22

Firefox Mozilla/5.0 (Windows NT 6.0; rv:16.0) Gecko/16.0 Firefox/16.0

Slide 23

and it gets worse…

Slide 24

Safari Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10_4_11; en) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.3 Safari/525.28.3

Slide 25

Chrome Mozilla/5.0 (Windows; U; Windows NT 6.0; en) AppleWebKit/525.27.1 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/525.28.3

Slide 26

Opera Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36 OPR/31.0.1889.180

Slide 27

Internet Explorer Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Slide 28

Edge Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/525.28.3 Edge/12.10162

Slide 29

and those were all relatively normal user-agent strings

Slide 30

sometimes browsers lie to hide their true identity

Slide 31

Opera Opera/9.80 (X11; Linux zbov; U; en) Presto/2.9.201 Version/11.50

Slide 32

Opera Mobile (desktop mode) ROT 13 encrypted “mobi“ Opera/9.80 (X11; Linux zbov; U; en) Presto/2.9.201 Version/11.50

Slide 33

Internet Explorer Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Slide 34

Internet Explorer (compatibility view) Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0) Trident 5 means it’s Internet Explorer 9

Slide 35

and it is possible to change the user-agent string yourself

Slide 36

XSS attacks

Slide 37

XSS attacks

Slide 38

funny people (╯°□°）╯︵ ┻━┻ Mozilla/10.0 (compatible; MSIE 10.0; CP/M; 8-bit)

Slide 39

angry people

Slide 40

angry people FuckZilla/666.0 (Gavnoid; Debile; rv:123.0) FuckYou/123.0 FuckingFox/321.0 Opera/9.80 (Windows NT 6.1; U; FuckYou; xx) Presto/2.10.229 Version/11.62 Seriously, Go fuck yourself W3C standards are important. Stop fucking obsessing over user-agent already.