All this does is tell me what kind of browser and operating system you're using. On the legitimate end, I can make modifications on my page to handle various peculiarities of different browsers so the page will work the same for everyone. On the other hand, I can use that information to launch an automated attack against you which will be really easy since I know exactly what browser, operating system, and the versions of each.

Blocking OS Info

In theory, this should be pretty easy to block without affecting your Internet browsing. I thought there'd be a simple plugin or browser option for it, but I haven't found it yet. Let me know if you know of something.

If your IP address isn't being blocked or routed somehow, this tells me approximately where you are in the world and what Internet service you use. This will also usually tell me exactly what computer is connected which, in turn, could tell me which person.

Since businesses can't afford to keep changing IP addresses all the time, I can also be fairly certain that you belong to X or Y company or government agency. So, if you're someone in law enforcement (for example), maybe I hide my hacks and bad information when I see you coming. If you're from a competitor company, I show prices much lower than normal to hopefully mess up your pricing research. There's a lot I can do if I know who's connecting to me.

Blocking IP

The only way to block your IP address is to use a proxy of some kind. This is where you connect with a computer and that computer gets webpages for you and returns them to you. The proxy computer acts as a shield that keeps the Internet from knowing who it's actually dealing with.

Called the "referrer", this value tells me the site you just came from if you used a link to get here. The legitimate function is that I can tell who's linking to me and do traffic analysis. However, this also gives me useful information that you might not want to give me.

For example, if you came from a search engine, you'll probably see your search terms listed (which means I can see it too). That's not likely a big deal in most cases, but in some cases it's worse. If your company has a web page called:

http://www.company.com/competitors/hostile_takeover_targets.html

Now say on this page, you list a few links to the homepages of companies you're about to take down. If anyone in your organization clicks on one of those links, the target company will see that webpage as the referrer. This gives advance warning which is probably what you don't want.

Blocking Referrer

This is one of the easier ones as you only need to type web addresses manually or cut and paste. Referrer is only sent if you click on a link. Therefore, if you right-click, choose "Copy Shortcut" and paste it into the address bar instead (or anything else that will get you there without actually clicking on it), you will eliminate the referrer value.