New Web Browser Leaves No Footprints

eastbayted writes "InfoWorld reports a new web browser designed to protect users privacy is available for download. Called Browzar, it 'automatically deletes Internet caches, histories, cookies and auto-complete forms.' It also boasts a search engine, which the company will use to generate income. The 264KB application is the brainchild of Ajaz Ahmen, known for creating the U.K.'s first ISP Freeserve. The forthcoming version is for Windows only, but Mac and Linux versions will be available eventually."

Re:It sounded good until...

[legoburner]

Freeserve is a name I have not heard since the .com boom and hoped I would not hear again.
That is great that privacy is protected provided you dont mind:
server logs
ISP logs
upstream proxy logs/cache
dns cache
any identifiable information you give out to websites

Nice idea for the 'hide-it-from-your-wife' crowd, but other than that not too much use for this, and not really anything that is not provided by extensions for existing browsers already.

protect my privacy

[gEvil (beta)]

Protect my privacy, but sell my search results?

Re:It sounded good until...

[1u3hr]

Depending on how well it works, we're talking about a browser 10% the size of even links.

Since it requires IE 5.5 or above, I expect it uses IE for most functions. Not bad in itself, but it will probably be vulnerable to all the exploits IE is, and users being unaware of that, especially visiting the seamier websites infested with drive-by installers, may be seriously screwed. Nevertheless, if you have to use a PC temporarily and only IE is installed, it would be better than just trying to clean up IE.

Re:Two major limitations

[DoofusOfDeath]

sheesh, you OSS Zealots always want someone to share their code.

I didn't state a categorical mandate for all software to be open-source. I stated two downsides, in this particular application and in this particular domain, to the software being closed source. I didn't run around saying, "OMG - the code wants to be free!"

Why must he share the code?

I tried to be clear about the reason in my post. The argument is this:

• We know from experience that source code in general tends to have security vulnerabilities.
• We also know that fully covering your tracks is like security: just mostly getting it right isn't very helpful, because a knowledgeable hacker/investigator will exploit any known weakness.
• The open source community has in general shown a more aggressive attitude towards finding and fixing vulnerabilities than have closed-source teams. This may have something to do with the relative size of the two programming groups, or that the users of the software are more personally motivated to find and fix vulnerabilities than are the vendor's paid programmers.
• Therefore: in many cases an application can be more trusted to be secure if it's open source.

Re:Browzar is based on IE?

[kafka47]

They said, "coming eventually". "Coming soon" probably means "eventually" which probably means, "never". :-)

/K

Been checking up .....

[ajs318]

..... and I can't find a link to download the source code.

So-called "security" software without source code is worse than useless -- and would be outlawed if we had a sensible Minister for Information Technology. The information it's claiming to be hiding could be valuable, so there's a clear motive to lie about what it's doing -- and hiding the source code provides an obvious means. I, for one, wouldn't give it the opportunity.

I have set Firefox to ask me every time about cookies. As soon as I see a "__utma" or a "h2" cookie, I know at once the owners of that site have absolutely no concern for my privacy, and simply block all cookies from that site. Otherwise I usually accept cookies for the session only.

I also keep my day-to-day login password as secret as any of my root passwords, and always set up a brand new user account if anyone ever wants to use one of my computers for anything.

Given that it uses the IE engine . . .

[Ph33r th3 g(O)at]

. . . does it still leave the difficult to blow away INDEX.DAT [128.175.24.251] files?

Re:Best idea I've heard all decade

[BSonline]

See, despite the importance of porn, there are a couple of things to watch out for. That "huge download" will most likely still be on the laptop. And if you are using your corporation's network, the server you are connecting to will still have a record. But, hey, if you still feel safe...

'What happens if Browzar crashes?'

[bluebox_rob]

Maybe I'm reading this wrong, but the FAQ says
Each time you run Browzar it places a simple text file on your computer which contains a date and time stamp of the precise moment your Browzar session began. Normally this file is deleted automatically when you close Browzar, but in the event of a crash this file remains on the computer. All you need to do is run Browzar again immediately after the crash and Browzar will clean up anything left over from the crash by checking the time and date stamp and removing everything after that that point.

The fact that this process is necessary, and that something would be 'left over' in the event of a crash suggests that it does write stuff to disk and then deletes it again later, rather than just not hitting the disk to start with. Not that secure then really, and if it is based on IE I wonder if it shares the same temp-files folder, cookies folders, and uses index.dat? Plenty of scope for browsing traces to 'leak' into IE if this thing crashes and you don't remember to re-run it to clean up after itself.

privacy and closed source don't mix

[oohshiny]

If you wanted to catch people doing unethical things, the best thing to do would be to create software or services that promise to hide information and then collect information about the users. To get around that, the source needs to be audited by someone, and for this kind of product, that means that the application needs to be open source.

Re:and Opera too.

[CastrTroy]

But what about the stuff it stores in memory? presumably if you're using a non-encrypted swap partition, there's lots of data left in there after you close your browser. The sites which you need the most privacy on are the ones you need to log into. If you don't retain any cookies or other information, how does it maintain your session?

Re:Best idea I've heard all decade

[Anonymous Coward]

Wow- why would you take the Laptop to IT if it hangs up during a pr0n download? Thats when you tell the tale that you only turned your back for a minute at Starbucks and the laptop was gone!

Re:root on work PCs

[rikkards]

Um..
If you are listing the above situations and you go run a tool to reset the password, you should really make sure your resume is up to date as that is a huge fireable offense (in some situations possibly criminal). If you don't normally have access there is a reason for it.

Re:Best idea I've heard all decade

[ACNSlave]

But yes, I do have PGP encryption to all my files so only I have access to them. Thanks for your concern, but if you know what you're doing, you can fix/tweak a lot of windows issues too.

Thats nice. You get the feeling of "security" and we get to access your "secret files" via our keystroke logger. I think you've failed to think your cunning plan all the way through, MacGyver...

Bruce