Maybe this is launcher specific, but on Pixel phones, when pulling up the list of apps to switch to, there’s a screenshot button, which is way easier and can be done with one hand.

Agreed, I’m not saying it’s impossible to detect the OS, but it’s even more trivial for an adversary to regex the User Agent and serve the malware for that OS. The average user doesn’t even know what a User Agent is, and that’s who the drive by malware websites are counting on to infect because they’re easy targets.

Just like a real fingerprint, that will only identify the fingerprint to a person, not tell you that the fingerprint is from someone who is European. Fingerprints are used to track you across different websites, and build a profile of you for advertising.

Generally browser fingerprinting is used to identify individual browser sessions across IP addresses. This mostly takes into account reported features and capabilities of the browser and OS to the website. Fingerprinting isn’t looking for specific info your browser reports, it’s taking it all and hashing it to get a unique id specific to the browser. Because it’s hashed, it can’t be reversed to identify the OS from the hash.

Sure a malicious website could Ignore the user agent and probe for some hardware capabilities that are specific to Linux, but that would be a lot of effort to probe various things which are set differently across all different browsers. I can’t speak for bad actors, but I wouldn’t spend the effort to check if the user agent is spoofed, if 95% of the time it’s accurate to get the OS type.

But this is an IPA

Everything they do is so dramatic and flamboyant.

lemmy.blahaj.zone might have an instance ban on that community. I’m not sure if the community can block members of instances, but I can’t see the community, and it’s not part of my user block list.

Does that mean the malware was once on your system?