How are some websites able to detect on which OS I am running the Tor Browser?

Tor Browser conceals the user's operating system by spoofing user agents. Currently it is Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0. I decided to test whether the function actually does its job by visiting multiple detection websites on Tor Browser in both Windows and Linux then comparing the results. 1. GIMP Download Page(https://www.gimp.org/downloads/) 1) Tor Browser on Linux (we think your OS is Linux) 2) Tor Browser on Windows 11 (we think your OS is Microsoft Windows) 2. https://bowser-js.github.io/bowser-online/ 1) Tor Browser on Linux

Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
        
        Firefox/102.0
        browser
        	name	"Firefox"
        	version	"102.0"
        os
        	name	"Linux"
        platform
        	type	"desktop"
        engine
        	name	"Gecko"
        	version	"20100101"

2) Tor Browser on Windows 11

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0
        
        browser
        	name	"Firefox"
        	version	"102.0"
        os
        	name	"Windows"
        	version "NT 10.0"
        	versionName "10"
        platform
        	type	"desktop"
        engine
        	name	"Gecko"
        	version	"20100101"

3. https://useragentstring.com 1) Tor Browser on Linux

Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0
        Firefox 102.0
        	Mozilla	MozillaProductSlice. Claims to be a Mozilla based user agent, which is only true for Gecko browsers like Firefox and Netscape. For all other user agents it means 'Mozilla-compatible'. In modern browsers, this is only used for historical reasons. It has no real meaning anymore
        	5.0	Mozilla version
        	Windows NT 10.0		Operating System: Windows 10
        	rv:102.0	CVS Branch Tag The version of Gecko being used in the browser
        	Gecko	Gecko engine inside
        	20100101	Build Date: the date the browser was built
        	Firefox	Name : Firefox
        	102.0	Firefox version

2) Tor Browser on Windows 11

Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0
        Firefox 102.0
        	Mozilla	MozillaProductSlice. Claims to be a Mozilla based user agent, which is only true for Gecko browsers like Firefox and Netscape. For all other user agents it means 'Mozilla-compatible'. In modern browsers, this is only used for historical reasons. It has no real meaning anymore
        	5.0	Mozilla version
        	Windows NT 10.0		Operating System: Windows 10
        	rv:102.0	CVS Branch Tag The version of Gecko being used in the browser
        	Gecko	Gecko engine inside
        	20100101	Build Date: the date the browser was built
        	Firefox	Name : Firefox
        	102.0	Firefox version

So Tor on Windows was able to hide the fact that Windows 11 was run instead of 10. But the Linux version was unable to hide the fact that Linux was the OS. I ran all tests with no extensions except the built-in

. Also 2-b) shows an additional

; x64;

that is not present in the user agent. How are websites able to deanonymize your OS? Are there subtle differences in implementation that cannot be covered by user agent spoofing? Is there a way for Tor on Linux to blend in with Tor on Windows?