Schneier on Security
A blog covering security and security technology.
« Behavioral Profiling Nabs Warren Jeffs |
| Antiterrorism Expert Claims to Have Smuggled Bomb onto Airplane Twice »
September 1, 2006
New Anonymous Browser
According to Computerworld and InfoWorld, there's a new Web browser specifically designed not to retain information.
Browzar automatically deletes Internet caches, histories, cookies and auto-complete forms. Auto-complete is the feature that anticipates the search term or Web address a user might enter by relying on information previously entered into the browser.
I know nothing else about this. If you want, download it here.
EDITED TO ADD (9/1): This browser seems to be both fake and full of adware.
Posted on September 1, 2006 at 8:23 AM
• 54 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Well, the "Browzar" actually uses IE 5.5 or higher to get all the stuff displayed so caveat emptor...
Indeed, this is just a "shell" for IE. Seems like a marketing gimick for folks who don't understand how their web browser works.....
That URL points to a placeholder page.
What is so new about this? You can set Firefox to do that easily. Safari can be used in private mode.
The question is not if it removes stuff from your PC but what about in the web cache of your ISP / Employere etc. Most of which can be directly tied back to your account/PC.
I suspect people are just getting the illusion of increased security from this product.
I think the point is the ppl are becoming awear of the problem. This is a good thing.
Why is this such a big deal? I'm seeing this in major papers today....but I have had my Firefox set to delete private info since I started using it. Plus as others have said its not like it cloaks your ip...
You are going to use this at work?
Big deal, what about company proxys and firewalls..logs..huh?
You are going to use it at home?
well whats the point if its your computer??
Very pointless product IMO
There are app sandbox programs like GreenBorder that accomplish roughly the same objective, and work with browsers other than IE. Check out http://www.greenborder.com/
I found general machine performance took a hit, and sandoxed apps took a long time to load. YMMV.
Yeah firefox does this also if you select a few boxes in it's options.
Well, what about the headers? does it clean the headers? the headers are always visible so it would be hard to maintain the statement of being totally anonymous isn't it?
From the press coverage of this thing, it seems more focused on anonymity/privacy within the group of users on a particular pc than anonymity with respect to to world at large. That's an interesting problem for some people (those who use communal computers or those whose associates may use/snoop their machines) but different from the general anonymity/privacy problem.
i know, i was talking about that silly faux anonymous "browzar".
Well, it just gives the users a false iimpression: they think there safe now.
that is my opinion. If it we're truly anonymous and cleans all tracks, why didn't the 'real' browser builders implemented this also 'default' in the their browser?
the awnser is simple: "browzar" just doens't do what they say it does, cleaning everything, and removing all prints.
Oh by the way this should be the joke of the day i guess:
"The browser is currently available for Windows and Ahmed plans versions for the Mac OS and Linux. "
yeah right?, like i'm going to use that on my linux machine.
Just let me know when you can have rotating live IP addresses that change from ISP to ISP, and country to country on the fly...... :)
@David: Tor does this. Refreshing Google every few minutes you'll often see the language change as your exit node switches countries.
"Just let me know when you can have rotating live IP
addresses that change from ISP to ISP, and country
to country on the fly"
New exits for new connections and 10 minute rotations for nonpersistent connections I believe.
Combined with a content scrubbing proxy like Privoxy and a competent browser's "delete private data" type setting you've not only achieved what this bit of snake oil pretends to do, you've hidden your IP and most all your identifying information.
Not to mention effectively satisfying your mutable IP criteria. ;)
I heard that it's not true. I leave some information in the IE-Cache I heard!
Is it the 1st of April again already? - must have been hibernating
I don't see how "anonymous" applies. Privacy, maybe (although that also appears to be in question).
I'll go for Anonym.OS anytime...And free
LOL, you done been punked. A supposedly secure browser that is itself a security risk (and is built on top of one to boot).
IMO, anyone who uses closed source (of any kind) and trusts it to have any real degree of security (without having examined the source code) is a fucking lunatic.
Luckily for the big corporations who spew out such shit, there's plenty of these people out there to sell their crap to.
Bruce wasn't punked -- he cited the sources, and added the caveat that he himself has not investigated the claims.
Now, Computerworld and InfoWorld, on the other hand...
This is an abomination, Bruce.
It's a shame, it at first seemed rather good. Although I like the minimal design, I'm very used to thoroughly detailed browser interfaces now, with submenu's, and highly configurable options yet not too complicated. Unfortunately, for me Browzar seems overly tacky, and cheap looking in comparison, albeit visual design is not the emphasis here.... But I still use it occasionally, yet I don't know why, I think it's time to go, I can't find a way to use it to its full potential[ie. i dont visit sites the FBI, MI6, ''big brother'' would be particularly interested in. At least I bloody well hope not! Those pervs.] Perhaps useful in a public library, because of the small file size and ease with which to uninstall it. Really, the pedophiles browser.
Also it is free, yet so are so many other browsers, which offer the same privacy-aiding capabilitys[disable ''last-visited'' pages, cookie management/disabling, turn off cache etc, general stuff].
The old saying springs to mind..''if it sounds to good to be true.....''
Reports are all over about this flaw now. http://www.theregister.co.uk/2006/09/04/...
This, and the so-called ''adware''[I honestly didn't notice a thing. Sponsored links are only visible on some search terms. I didn't find any sponsored links for wikipedia using Browzar Search.]
Any way, I think this campaign is now pretty much doomed. The wide-spread perception of ''adware'' in this day and age[cmon, it is actually beginning to sound almost child-like] along with the fact it doesnt actually work as advertised[for now] doesnt do the whole idea any justice...
Also, It seems to have incorporated Ask.com as the new search engine..at least I can read some headlines now..
As others said, anonym.os does this and even
optionally randomizes your MAC address.
Or you could use an encrypted home directory.
Or you could use VMWare player and the
browser appliance, and throw away any
changed state periodically.
Ars Technica took a look at the claims of "adware" and "malware" and seems to have concluded it's neither.
Regarding adware, all they found was that Browzar puts sponsered links in a different place than Google does. Read the article for the rest.
but spammers still alive...
how to protect yourself... [huh?]
Real spammers still alive
how to protect yourself [huh?]
Okay, now that we've gotten past a few ignorant posts here's my scoop for everyone, you'll benefit for life by happening across my post here.
1. If you really want to find out a program's integrity, don't use it unless they offer a 'free trial period'. If they do not, there's a reason they want to snap up your cash prior to you inspecting their 'software'.
2. Before you buy ANYTHING, do a Google search on the product or website's name and type in the plus sign (+) complaints. Like this (without the parensthesis), 'anonymizer+complaints' or 'hidemyip+complaints', you get the point... This will generally show you all of the Lemmings in front of you that bought that crappy piece of software before you and are now so piss*d off that they've posted complaints on the web somewhere. Really saves you a whole bucket of time & money.
3. If you wish to be even more protected, download a free trial version of whatever software you're thinking of buying and then try to defeat it with programs built specifically for defeating the software you're checking out. You can usually find these programs as downloadable with a free trial version as well, so your still not losing a cent.
For example; I wanted to see if the controversial 'hidemyip' software really hid me as well as they said it did. I typed in 'hidemyip+complaints' on Google and didn't see anything to raise a red flag. Then I went to www.whatismyip.com to check my ip address. Indeed, my ip had been changed! Great, now I can surf anonymously, right? Wrong. Because I downloaded VirtualRoute's free thirty-day trial IP tracing software and ran the IP tracker on my new IP address. Virtual tracked me back to my original real IP after thirteen hops. Obviously, this halted my decision to purchase it, since if I can trace myself, so can anyone else with a moderately intelligent brain.
There's my nugs of wisdom for the day, which I will close with this final little info gem; if you do decide to purchase a program online, go to E-Bay or any auction site & see if some entrepeneur is distributing the program for less money. Make sure you get the same tech support and warranty that the actual company would give you as well, get it all in writing and you can save a bundle. If you want the best whatever product, type in Google 'compare' and the product name. Google will show you all the products in that category so you can what other products are offered and then compare them for quality & price. I've often bought an entirely different program when I found a better product that does what I want for less money elsewhere.
Oh, and if you use this information and save a fortune, then send me half of it. Or not.
email: biospex at yahoo! com
notrax comes with a virus, so avoid that too. tor network rulz :)
lol I just checked out their search engine and the "aggressive ads" don't bother me. Why? Because I use firefox and adblocker so now I've blocked all shitty spam and porn and whatnot. Except those damn animated ads. can't block those for some reason.....
Ive tried "Tor".
Although it seems to function like advertised,I found the network to be waaaay to slow for me.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.