I got curious to see how the different browsers identify themselves to the world via their User agent strings and I must say that each browser's string reveals a lot about both the browser makers and their philosophies regarding user privacy.
Here is a simple table that I compiled with the information that I collected (sorry if it gets too wide):
|Samsung Galaxy Tab S||Firefox 35.0||
|Samsung Galaxy Tab S||Firefox 35.0.1||
|Samsung Galaxy Tab S||Android's 4.4.2 stock browser||
|Samsung Galaxy Tab S||Updated Chrome||
|Vanilla tablet||Android's 4.1.1 stock browser||
|Vanilla tablet||Firefox 35.0.1||
|iPad||Safari's from iOS 8.1.3||
|Notebook||Debian's Iceweasel 35.0.1||
So, briefly looking at the table above, you can tell that the stock Android
browser reveals quite a bit of information: the model of the device (e.g.,
SAMSUNG SM-T700 or
TB1010) and even the build number (e.g.,
Build/JRO03H)! This is super handy for malicious
websites and I would say that it leaks a lot of possibly undesired
The iPad is similar, with Safari revealing the version of the iOS that it is running. It doesn't reveal, though, the language that the user is using via the UA string (it probably does via other HTTP fields).
Chrome is similar to the stock Android browser here, but, at least, it doesn't reveal the language of the user. It does reveal the version of Android, including the patch-level (that's a bit too much, IMVHO).
I would say that the winner respecting privacy of the users among the browsers that I tested is Firefox: it conveys just the bare minimum, not differentiating from a high-end tablet (Samsung's Galaxy Tab S with 8 cores) and a vanilla tablet (with 2 cores). Like Chrome, Firefox still reveals a bit too much in the form of the patch-level. It should be sufficient to say that it is version 35.0 even if the user has 35.0.1 installed.