Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Browzar, the privacy that may not be SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Browzar, the privacy that may not be
Browzar -- a 'wrapper' for IE is supposed to wipe all traces of the sites you have visited, cookies, and history files on your computer.  However, many experts have claimed that because Browzar has a home page set to their search page, where by default, Browzar's sponsored links pop up in the middle of regular links.

However, some recent research by experts can leave behind these items.   We suggest you take a look at some of the recent articles about Browzar, like this one over at BBC News

Browzar has received a lot of recent attention on list servers like Full-Disclosure, claiming the 'Browzar' leaves the last visited url in a file in the user's LocalSettings directory.  As well as items like cache misses, redirected urls, and click through urls are left on the machine.

Now of course, your ISP can still track you, netflows, IDS's on your network, and pieces of software that may be on your corporate network like Websense can still find where you go.  Let alone if Browzar leaves anything behind on your host system.

We've looked at other programs like VMware's many free Virtual Browsing appliances or even Sandboxie, which runs programs inside of a virtual 'sandbox'.  Apparently leaving no traces behind.

So for you privacy guys..  put your tin foil beenie on, and browse away.
Joel

454 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!