New Web Browser Leaves No Footprints

eastbayted writes "InfoWorld reports a new web browser designed to protect users privacy is available for download. Called Browzar, it 'automatically deletes Internet caches, histories, cookies and auto-complete forms.' It also boasts a search engine, which the company will use to generate income. The 264KB application is the brainchild of Ajaz Ahmen, known for creating the U.K.'s first ISP Freeserve. The forthcoming version is for Windows only, but Mac and Linux versions will be available eventually."

Best idea I've heard all decade

This will be on work laptops across the world.

Surfing for porn on the company's own hardware is a difficult problem to solve because you know that the machine's going to hang up on you right in the middle of some huge download and you're going to have to take that dead machine down to IT where they will come to know all about your little addiction.

With this software, you can be sure you're clean even when the PC crashes.

They selling stock?

Re:Best idea I've heard all decade

Or they find out about when the unproven software ends up giving someone full access due to a dodgy exploit.

Uh, you mean like Internet Explorer?

Re:Best idea I've heard all decade

See, despite the importance of porn, there are a couple of things to watch out for. That "huge download" will most likely still be on the laptop. And if you are using your corporation's network, the server you are connecting to will still have a record. But, hey, if you still feel safe...

Re:Best idea I've heard all decade

Torpark will do the same , it even encrypts your data .

I don't know if it works trough the company firewall though .

Re:Best idea I've heard all decade

If your porn browsing results in "huge downloads" on your laptop, you should probably have some paper towels handy.

Use lynx via SSH

SSH into your own box, and surf p0rn sites with lynx. what? you don't go there just to read the articles?

Re:Best idea I've heard all decade

If you got root at your pc at work, I suggest creating an additional account for you "personal recreation". An if you're really don't want anybody to see it, encrypt the home directory [gentoo-wiki.com]. I think that's a good protection against accidentally revealing uncomfortable information on your pc.

However, You have to take into account that all your internet traffic passes through IT-departments gateway. So you better check wich policy they got on non-workrelated internet traffic. Best thing you can do is set-up an encrypted tunnel [gotomyvnc.com] to some server outside your network (use HTTP-encapsulation if you can only use HTTP).

I fail to see the benefit of using a supposedly secure browser. Any reasonably competent IT guy will see right trough it.

Safari has similar capabilitites

Safari has a 'Private Browsing' mode that creates no history, cookies, cache.

Re:Safari has similar capabilitites

Yes, but what does Firefox do if it crashes, or you need to close it quickly?

Not to mention, do this and you lose ALL your browsing history. What if you want to keep some of it?

Re:and Opera too.

Not the same: In Safari, you don't create a footprint of what you don't want recorded frst, just to later erase it together with the rest of your browsing history, it just doesn't write anything about your web-surfing onto the disk while in "private surfing" mode.

Re:and Opera too.

But what about the stuff it stores in memory? presumably if you're using a non-encrypted swap partition, there's lots of data left in there after you close your browser. The sites which you need the most privacy on are the ones you need to log into. If you don't retain any cookies or other information, how does it maintain your session?

Re:It sounded good until...

Freeserve is a name I have not heard since the .com boom and hoped I would not hear again.
That is great that privacy is protected provided you dont mind:
server logs
ISP logs
upstream proxy logs/cache
dns cache
any identifiable information you give out to websites

Nice idea for the 'hide-it-from-your-wife' crowd, but other than that not too much use for this, and not really anything that is not provided by extensions for existing browsers already.

Re:It sounded good until...

Smells like it's using the IE engine to render the pages.

There's no way you could pack a full graphical browser into 264K on a windows box.

And, without graphics, a porn browser is hardly useful.

Re:It sounded good until...

Depending on how well it works, we're talking about a browser 10% the size of even links.

Since it requires IE 5.5 or above, I expect it uses IE for most functions. Not bad in itself, but it will probably be vulnerable to all the exploits IE is, and users being unaware of that, especially visiting the seamier websites infested with drive-by installers, may be seriously screwed. Nevertheless, if you have to use a PC temporarily and only IE is installed, it would be better than just trying to clean up IE.

Strange privacy protection

1. Enter IE, go google.com, logoff if necessary, close IE
2. open browzar, go google.com, autheticate with your gmail account
3. close browzer
4. open IE, go google.com.... still authenticated!!!

perhaps it needs some more debugging.

hth

Not-a-fact!

Ajaz Ahmen, known for creating the U.K.'s first ISP Freeserve

Freeserve was far from the UK's first ISP. There were hundreds of ISPs, including large players like Pipex, Demon, Compuserve and AOL in the UK, along with much smaller ones like Eclipse before Freeserve came along.

Freeserve was the first ISP not to charge a monthly fee, but not the first to exist.

Re:Not-a-fact!

From TFA

"..Freeserve, the first U.K. Internet service provider (ISP) to offer free Internet access to customers in the late 1990s."

I dont know how that became..

"..Ajaz Ahmen, known for creating the U.K.'s first ISP Freeserve."

hats off to the /. editors

Re:Not-a-fact!

It still wasn't free.

In this country, local rate (0845) calls are not free.

Browser with more honest PR department

http://en.wikipedia.org/wiki/Heatseek [wikipedia.org]

At least they are more upfront with their mission... ;P

Nothing new

I'm not trying to be an OSS zealot here (honestly), but how does this do anything that Firefox doesn't do already? Preferences/Options, Privacy, Clear Private Data tool settings button. (The way to get there might be different in the Windows version, but you get the idea.) You can have it blow away history, forms, passwords, download history, cookies, cache data, and authenticated HTTP sessions automatically when you quit. And a few of those can be disabled outright from the start. And of course, Safari has a similar option too.

Re:Nothing new

'm not trying to be an OSS zealot here (honestly), but how does this do anything that Firefox doesn't do already?

If the text is to be believed, it does 1 thing firefox doesn't.

Fit on a 5.5" DSDD Floppy.

Knoppix?

This reminds me of what happened to me once, when I was manning a booth at a conference trying to convince people to use Linux. We tried to get people to buy a Knoppix LiveCD from us to try it out. So, two people came and were mostly intersted in the fact that if they use the LiveCD to browse the web, none of their data is saved anywhere.

Regarding this "Browsar", does it delete all caches/cookies, or not save them at all? Because just deleting can be not secure enough unless you do it very carefully. Also, what about the swap? Is it deleted or avioded?

Re:Knoppix?

Regarding this "Browsar", does it delete all caches/cookies, or not save them at all?
From the browzar FAQ

Does Browzar store cookies? If so, why?

Browzar only ever stores cookies temporarily, automatically deleting them when you close the programme. For many sites, such as internet banking or shopping sites, it is necessary to store cookies to keep you logged into the site or hold shopping cart contents while you perform your transactions. If you visit a site using Browzar where a cookie for that site already existed on the computer prior to you using Browzar - the cookie will not be deleted. However the cookie's 'Last Accessed' date and time stamp may be updated to the date and time you visited the site associated with the cookie using Browzar.

Browzar is based on IE?

It is unlikely that they developed a modern web browser from scratch.

There is no indication on their web site that it is based on anything though.

http://www.browzar.com/ [browzar.com]

I found this one message on google groups (in french) which indicates it is based on Internet Explorer.

http://groups.google.co.uk/group/fr.comp.infosyste mes.www.navigateurs/browse_frm/thread/19f96a99deb3 0fc1/76965389104729e7?lnk=st&q=browzar&rnum=2#7696 5389104729e7 [google.co.uk]

Anyone know any better?

Re:Browzar is based on IE?

Well, it does require at least MSIE 5.5 in order to run.
So yes, this is only a new frontend.

Re:Browzar is based on IE?

Quick check with process explorer shows that it uses mshtml.dll as well as MFC.

"Coming soon" to linux indeed.

Hmm...

But does it work well on a USB flash drive? From the description it seems like it might. Anyone have an idea?

Most browsers already give you options to allow you to not store most of this information already. Firefox has a key combo to (transparently, optionally) wipe out selected areas of this data. Someone mentioned an option for Safari. Opera probably has something too somewhere.

Two major limitations

1) It's closed source. So even if we assume good intentions on the authors' part, not many people have had a chance to scruitinize the code for weaknesses. The recent flap about how "wiped" mobile phones can still have their databases recovered is an example of this issue actually happening.

2) It sounds like it only keeps the local computer clean of history. Which I guess is good if you don't want your boyfriend to find out you like the whole Furbie sex scene. But when you're later divorcing him because he won't put on a chipmunk suit, and his attorney subpoenas Yahoo to get records of your search history, you're not protected. I think to be protected from THIS sort of thing the browser ought to default to using an anonymizer proxy.

Re:Two major limitations

sheesh, you OSS Zealots always want someone to share their code.

I didn't state a categorical mandate for all software to be open-source. I stated two downsides, in this particular application and in this particular domain, to the software being closed source. I didn't run around saying, "OMG - the code wants to be free!"

Why must he share the code?

I tried to be clear about the reason in my post. The argument is this:

• We know from experience that source code in general tends to have security vulnerabilities.
• We also know that fully covering your tracks is like security: just mostly getting it right isn't very helpful, because a knowledgeable hacker/investigator will exploit any known weakness.
• The open source community has in general shown a more aggressive attitude towards finding and fixing vulnerabilities than have closed-source teams. This may have something to do with the relative size of the two programming groups, or that the users of the software are more personally motivated to find and fix vulnerabilities than are the vendor's paid programmers.
• Therefore: in many cases an application can be more trusted to be secure if it's open source.

Obligitary funny story about Google Autocomplete

Ok. I just posted this to them as an example of why people should be very, very careful, but it's funny enough I should share it here.

A few years ago I was doing IT consultancy in London, and a client had a problem with her PC all acting funny.

I went along, it was the secretary/receptionist's PC so she moved over, and sat next to me watching what I was doing as I investigated.

I found a suspicious DLL beginning with 'S' running on the system, so I did what you would normally do, do a google search and see what it comes up with.

As soon as I typed the first 'S', up pops good old google autocomplete:

"STD clinic london"

I typed as fast as I could and hoped she didn't notice!

Turned out her PC had a virus too.

Jolyon

Firefox plugin

There's a Firefox plugin that does the same thing. Stealther [mozilla.org] claims to do the same thing, but what I don't know is how well it really covers its tracks. A forensic investigation into a hard drive can easily reveal browsing history, even if one cleans his or her history and deletes cookies, etc. I have heard of a browser that actually "shreds" this information (similar to Eraser [heidi.ie] but I can't seem to find any information on this browser.

protect my privacy

Protect my privacy, but sell my search results?

A simple front end for IE

It just a simple front end for IE. There are already plug ins to do this in Windows with other browsers and at least then you wouldn't be browsing with IE so the pages would look nicer. This seems like a bit of a waste/ploy/piece of junk.

Been checking up .....

..... and I can't find a link to download the source code.

So-called "security" software without source code is worse than useless -- and would be outlawed if we had a sensible Minister for Information Technology. The information it's claiming to be hiding could be valuable, so there's a clear motive to lie about what it's doing -- and hiding the source code provides an obvious means. I, for one, wouldn't give it the opportunity.

I have set Firefox to ask me every time about cookies. As soon as I see a "__utma" or a "h2" cookie, I know at once the owners of that site have absolutely no concern for my privacy, and simply block all cookies from that site. Otherwise I usually accept cookies for the session only.

I also keep my day-to-day login password as secret as any of my root passwords, and always set up a brand new user account if anyone ever wants to use one of my computers for anything.

but I already have one...

I already have a browser that leaves no footprints - Firefox Portable [portableapps.com]. Loaded on my 1GB Swiss Army knife [swissbit.com] the only thing it leaves on the host machine is a pluginreg.dat - which contains nothing about my internet use.