Consider for a moment a typical User-Agent string sent by a Debian web browser: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.6) Gecko/20070802 Iceape/1.1.4 (Debian-1.1.4-1)
I agree that it is a bit too verbose and it might even be a security problem, but reaching consensus on what portions of string to strip off is not going to be easy.
Maybe there could be a low priority question when installing the browser. The use of phishing could be there too (another privacy problem) for iceweasel.
- choose your user agent: Mozilla/5.0 | Mozilla/5.0 (X11; U; Linux) | ...- do you want to use Google's based phishing detection? A list of known phishing sites will be downloaded from Google every 30 minutes: yes|no
Anyway, as somebody pointed out already, if no nobody else uses shorter user-agents, being *the* user with the "Mozilla/5.0" user-agent might be even more identiable than being a Debian user on a platform other than i386. But as time goes by more users will have that kind of user-agent, I guess. I would.
Eduardo