Detecting VPN (and its configuration) and proxy users on the server side (medium.com/valdikss)
118 points by diafygi on July 26, 2015 | hide | past | favorite | 23 comments


I never thought about detecting proxies and VPNs this way, very clever.

Do any of you know a way to hinder/defeat these detection techniques?


From the article:

If you don’t want to be identified, you can disable mssfix, just set it to zero on both server and client.

As for the OS/browser fingerprinting, I suppose you could just use p0f to figure out what your VPN "exit node" is running, then modify your user-agent to match.

Interestingly enough, it assumes that if it can't figure out either OS or fingerprint, they match:

    Detected OS   = ???
    HTTP software = ???

    ...
    Fingerprint and OS match.


> If you don’t want to be identified, you can disable mssfix, just set it to zero on both server and client.

Wouldn't the server get fragmented packets and discover that?


They are assembled back before they leave the VPN. This step makes the latency higher.


Maybe Tor Browser should try to match the user-agent to the exit-node.


No. You can identify a connection as "Tor" in several different ways. That's not the point of Tor. The point of Tor is that everyone using it looks the same as everyone else using it. You want the Tor user agent to be, essentially, "I'm Spartacus".


Right now the TorBrowserBundle user agent is the most widespread version of Firefox over the most widespread version of Windows, and I think it should stay like this.


Anyone can get a list of every single Tor exit node, so it is pretty much impossible to hide that you are using Tor.


It cannot detect PPTP and L2TP for now. I am browsing with PPTP, and it fails to detect it.


> and Steam has been always suspicious to non-Russian speakers from Russia

What would the benefit be of someone outside of Russia using Steam via a proxy in Russia?

edit: after a Google search, it looks like -

1. RU prices (in dollars) are way lower for some games than US prices (in dollars). Almost 50%-60% lower.

2. And EU and AU prices are higher than US prices.


On the other hand we have something like Dishonored (RU). Because Steam. Somehow when I was buying it on Steam (without any proxies or VPN) I ended up with that version. Even though I have paid full price, not the lower one available in Russia.

Also Dishonored (RU) doesn't have a store page, it's impossible to write reviews for it and so on.

https://steamcommunity.com/app/217980/discussions/0/61057375...


How is the uptime of the machine being detected?



Not sure but it's incorrect for me. 2 days reported vs 8 days actual uptime (using GNU/Linux). That's a wide margin.


That's really interesting! I can also see this being used for the opposite purpose on some security websites. They could ban all non-VPN users.


I think the mobile part at the end was interesting. You might be able to spot users that swap phones (burner smartphones) just by that information. LEOs and the NSA work on tech to detect that sort of thing. They might find this a useful tool combined with other methods.


Why would a criminal swap phones but retain the sim?


Wow, I must've not been awake enough when I wrote that. Good catch.


Only by checking the browser you won't tell a Linux proxy from a Linux NAT box.


> It is configured to work with any link with MTU 1450 or more by default.

Does this mean that if you set the MTU to < 1450 OpenVPN wouldn't set the MSS value in the header?
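The mssfix and fingerprint discussion above (MSS clamped by the tunnel, TCP-stack OS versus User-Agent OS, the "???" case being counted as a match, the Linux proxy versus Linux NAT question, and the uptime estimate) can be turned into concrete server-side checks. The following is an added example written for this thread, not code from the linked article or from any commenter; the record layout, the MTU table, the constructed SYN samples and the TSval samples are all assumptions made for illustration.

```python
"""
Server-side heuristics for spotting tunnelled or proxied TCP clients from the
SYN the server itself receives.  Added example for this thread; it is not code
from the linked article or from any commenter.  The record layout, the MTU
table and all sample data below are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Optional

IPV4_TCP_OVERHEAD = 40  # 20-byte IPv4 header + 20-byte TCP header

# Link MTUs a directly connected client commonly has (assumption for illustration).
COMMON_MTUS = {1500: "ethernet", 1492: "pppoe"}


@dataclass
class SynRecord:
    src: str
    mss: int                 # MSS option advertised in the SYN
    tcp_os: Optional[str]    # OS guessed from the TCP/IP fingerprint (p0f style); None = unknown
    ua_os: Optional[str]     # OS claimed by the HTTP User-Agent; None = unknown


def mss_for_mtu(mtu: int) -> int:
    """A host on a link with `mtu` advertises mtu - 40 as its IPv4 TCP MSS."""
    return mtu - IPV4_TCP_OVERHEAD


def classify_mss(mss: int) -> str:
    """Map an advertised MSS to a link type, or flag it as clamped."""
    for mtu, name in COMMON_MTUS.items():
        if mss == mss_for_mtu(mtu):
            return name
    if mss < mss_for_mtu(min(COMMON_MTUS)):
        # Smaller than any common link: something between client and server
        # (OpenVPN's mssfix, a NAT/firewall MSS clamp, a low-MTU link) rewrote it.
        return "clamped"
    return "unusual"


def os_consistency(tcp_os: Optional[str], ua_os: Optional[str]) -> str:
    """Compare the TCP-stack OS guess with the User-Agent OS.

    Unlike a check that treats '???' on either side as a match, an unknown
    value is reported as inconclusive: absence of evidence is not a match.
    """
    if tcp_os is None or ua_os is None:
        return "inconclusive"
    return "match" if tcp_os.lower() == ua_os.lower() else "mismatch"


def assess(rec: SynRecord) -> dict:
    """Combine both signals; only definite evidence marks a client suspicious."""
    link = classify_mss(rec.mss)
    osc = os_consistency(rec.tcp_os, rec.ua_os)
    # A Linux NAT box in front of a Linux browser produces neither signal,
    # which is why it cannot be told apart from a Linux proxy by these checks.
    suspicious = link == "clamped" or osc == "mismatch"
    return {"src": rec.src, "link": link, "os": osc, "suspicious": suspicious}


def estimate_uptime_seconds(tsval_a: int, time_a: float,
                            tsval_b: int, time_b: float) -> float:
    """Estimate host uptime from two TCP timestamp (TSval) samples.

    TSval is a counter started at boot that ticks at a fixed, OS-specific rate.
    Measuring the rate from two samples instead of assuming it avoids the
    multiplicative error a wrong tick-rate assumption causes (assuming 1000 Hz
    for a 250 Hz clock reports a quarter of the real uptime).
    """
    hz = (tsval_b - tsval_a) / (time_b - time_a)
    return tsval_b / hz


# Constructed sample SYNs (not captured data).
SAMPLES = [
    SynRecord("198.51.100.10", 1460, "Linux", "Linux"),      # direct, consistent
    SynRecord("198.51.100.11", 1452, "Windows", "Windows"),  # PPPoE, consistent
    SynRecord("198.51.100.12", 1380, "Linux", "Windows"),    # clamped MSS + OS mismatch
    SynRecord("198.51.100.13", 1460, None, "Linux"),         # fingerprint unknown
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(assess(r))
    # Two constructed TSval samples taken 10 s apart on a 250 Hz clock
    # (the counter grew by 2500), giving an uptime of 691210 s, about 8 days.
    print(round(estimate_uptime_seconds(172_800_000, 0.0, 172_802_500, 10.0)))
```

The MSS check only says that something on the path rewrote the value, not which tunnel did it; the article's configuration fingerprinting goes further by matching the exact clamped value against known OpenVPN settings, which this example deliberately does not hard-code.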


Very interesting analysis.

PS: Small correction on the article:

"To prove my theory 2 VPN services has been tested:" -> "To prove my theory 2 VPN services have been tested:"


I think the article would benefit from proofreading in general by a native speaker. I found it really hard going.

I'd say it's EFL, but that's speculation. The language seems pretty advanced in style but the author trips over things that native speakers of the same level generally don't.

Opening paragraph:

> A lot of people use VPN every day. Somebody use it in always-on mode to circumvent government or corporative internet censorship, while somebody use it from time to time to bypass geographic restrictions.

Common usage would be "A lot of people use VPNs every day."

Some people use them one way, somebody uses it another. As opposed to "somebody use".

The sentence structure is nearly there, but is just odd enough to stop it from flowing.

The content is great though. It's really interesting and is worth persevering for.

I'm not a professional but I'd happily do proofreading for content like this. The author has made some really interesting and useful content.

If the author had asked for feedback, I'd have fixed it up and sent it. But large scale unsolicited rewrites might be interpreted more negatively. Is there an accepted etiquette for such things? Or is it "be grateful, correct anything that changes the meaning, but don't be petty"?


The author is Russian and shows the typical, although quite subtle, occasional lack of definite/indefinite articles. I'm native and it doesn't bother me much; perhaps I'm just used to it.

