Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Browzar, the privacy that may not be

Published: 2006-09-04
Last Updated: 2006-09-04 18:57:23 UTC
by Joel Esler (Version: 3)
0 comment(s)
Browzar -- a 'wrapper' for IE is supposed to wipe all traces of the sites you have visited, cookies, and history files on your computer.  However, many experts have claimed that it is spyware.  This is due to Browzar setting the home page to their own search page which allows them to insert sponsored links intermixed with regular links.  We suggest you take a look at some of the recent articles about Browzar, like this one over at BBC News, and then make your own decision.

Browzar has received a lot of recent attention on mailing lists like Full-Disclosure, claiming the 'Browzar' leaves the last visited url in a file in the user's LocalSettings directory.  As well as items like cache misses, redirected urls, and click through urls are left on the machine.

Now of course, your ISP can still track you, netflows, IDS's on your network, and pieces of software that may be on your corporate network like Websense can still find where you go.  Let alone if Browzar leaves anything behind on your host system. 

We've looked at other programs like VMware's many free Virtual Browsing appliances or even Sandboxie, which runs programs inside of a virtual 'sandbox'.  Apparently leaving no traces behind on the local machine.

So for you privacy guys..  put your tin foil beenie on, and browse away.

Update #1

Another reader Chris wrote in to tell us about a browsing device he made on an external harddrive with Windows 3.11 as an OS, minimal install with a browser.  This reminds me of carrying a thumbdrive with a browser installed on it, in order to keep your cookies, passwords, and cache with you.



----------------
Joel Esler
jesler{at}isc.sans.org
Keywords:
0 comment(s)
Diary Archives