“I identified 23 relevant elements on ‘User Agent’ and ‘HTTP_ACCEPT Headers’ alone”
How many of these would you have to change to make your browser look different?
And if you changed them every so often you can’t be consistently identified.
I’m not enough of a conspiracy theorist to believe we are being tracked right now because the amount of info that would have to be stored is so vast it staggers the mind, but it is an interesting issue going forward.
I don’t think people change them themselves; things they install (plugins, extensions, etc) do.
“And if you changed them every so often you can’t be consistently identified.”
It sounds good. Maybe with some “random UA” plugin. If your browser is compatible enough the site optimizations for the browser you’re claiming to be won’t mess up the page too much. Maybe displaying an empty UA string would be enough, if lots of people do that, but some sites will think you’re a bot and maybe lock you out. There’s a chance that random UA will be adopted by bots, making this a moot point :P
HTTP_ACCEPT is another thing. It tells what HTTP features can you use. Randomizing it would degrade performance. Maybe there’s a subset of it that can be shuffled and won’t give trouble, but it’s a gamble.
“...to believe we are being tracked right now...” Well, we most probably aren’t, it’s just like fingerprints, we leave them averywhere.
Oh, and to answer
“How many of these would you have to change to make your browser look different?”
Just one of them would be enough (using this definition of “unique”). All of them have to be the same for two browsers to be considered identical. That’s why it’s so easy to have a unique one.