Dr. Christopher Kunz
For reference, this is how it _should_ look. This is our SecureDrop instance at "heise investigativ", reachable only via http://ayznmonmewb2tjvgf7ym4t2726muprjvwckzx2vhf2hbarbbzydm7oad.onion/
Sep 19, 2025 at 9:38amWeb
Show threadchrisSep 19, 2025

@christopherkunz thank you for the link to your SecureDrop instance.
Could not resist to check it out. On the page header the recommendation to use tor browser, while actually on tor browser (14.5.7 128.14.0esr) !?

#secure_file_drop #tor

Show threadDr. Christopher KunzSep 19, 2025
@chrispy That's odd. I'm not getting this banner and I'm on the exact same Tor Browser version. Maybe it's because you're on mobile? Can you paste your exact User-Agent string?
Show threadDr. Christopher KunzSep 19, 2025
@chrispy This is the regexp SecureDrop matches against:
const TBB_UA_REGEX = /Mozilla\/5\.0 \((Windows NT 10\.0|X11; Linux x86_64|Macintosh; Intel Mac OS X 10\.[0-9]{2}|Windows NT 10\.0; Win64; x64); rv:[0-9]{2,3}\.0\) Gecko\/20100101 Firefox\/([0-9]{2,3})\.0/
const TB4A_UA_REGEX = /Mozilla\/5\.0 \(Android( [0-9]{2})?; Mobile; rv:[0-9]{2,3}\.0\) Gecko\/(20100101|[0-9]{2}\.0) Firefox\/([0-9]{2,3})\.0/;
Show threadchrisSep 19, 2025
@christopherkunz Mozilla/5.0 (Android 10; Mobile; rv:128.0) Gecko/128.0 Firefox
/128.0
-> the number after Gecko with 3 digits!
Show threadchrisSep 19, 2025
@christopherkunz I sort of naively assumed that the User-agent of the exit node would appear in the logs :) But actually makes somewhat sense, the web page has to be displayed on the local browser variant :)