Do you have useful knowledge or experience on the use of the Browsar privacy browser?

[Andy Burnelli]

Any feelings on utility (or lack thereof) of the Browsar privacy browser?
<https://browzar.com/>

In testing only a few minutes this morning, I found this "Browsar" private
browsing experience somewhat unlike any other browser I've ever used.
<https://browzar.com/download/BrowzarBlack2000-98.zip>

I was reading this police Windows 7 to 10 comparative study of a
different privacy browser (where they used freeware forensics):
<https://forensicsandsecurity.com/papers/PrivateWebBrowserForensics.pdf>
Name: BrowzarBlack2000-98.zip
Size: 207499 bytes (202 KiB)
SHA256: EFFF5FC2C265C7FD853CD76EB0D4193C2B491341BD7AD3A29A194022AD5BB114
Unzipped it contains just the portable executable (there is no installer):
Name: BrowzarBlack2000-98.exe
Size: 226976 bytes (221 KiB)
SHA256: C83AB2CDA88BB1A04D7F9B43D8E01CF5E7ED9576F433D9545BC180406AA935FF

https://browzar.com/download/BrowzarBlack2000-98.exe
Name: BrowzarBlack2000-98.exe
Size: 226976 bytes (221 KiB)
SHA256: C83AB2CDA88BB1A04D7F9B43D8E01CF5E7ED9576F433D9545BC180406AA935FF

Every day I try to learn more about how to protect our privacy on the net.
Hence I was reading this police report analyzing another privacy browser...
<https://forensicsandsecurity.com/papers/PrivateWebBrowserForensics.pdf>

Which used forensics from the following on Windows & and 10 (compared)
*Process Monitor*
an advanced monitoring tool that shows real-time file system, registry,
and process thread activity;

*Regshot*
an open-source utility that allows snapshots to be taken pre- and
post-software installation in order to record registry changes
on the system;

*TCPView*
a tool that shows detailed listings of all TCP
(Transmission control Protocol) & UDP (User Datagram Protocol)
endpoints as well as network connection status;

*Registry viewer
software that allows analysis of the windows registry system;

*FTK Imager*
forensics software that is used to capture RAM dumps
and protected files data on a live system;

*WireShark*
Network protocol analyser that identifies all network traffic;

*ChromeHistoryView*
freeware that allows an examiner to view History database records;

*ChromeCacheView*
freeware that allows the examiner to view cache entries.

When it mentioned Browsar in passing...
"Upon closing the browsing session, Browzar removed all traces of
web browser activity. However, using a combination of forensic tools
and techniques, evidence (including pictures, keyword searches, and
URLs) was easily recovered in both the memory and in the pagefile
(Warren, El-Sheikh & Le-Khac 2017)." allows analysis of the windows
registry system;

When it mentioned Browsar in passing...
"Upon closing the browsing session, Browzar removed all traces of
web browser activity. However, using a combination of forensic tools
and techniques, evidence (including pictures, keyword searches, and
URLs) was easily recovered in both the memory and in the pagefile
(Warren, El-Sheikh & Le-Khac 2017)."

Any feelings on the (seemingly unique?) Browsar privacy browser?
--
Usenet is a world-wide team sport where purposefully helpful kind-hearted
adults help each other and learn by pooling our individual capabilities.

[Nic]

I never heard of Browsar, but it is clear that the browser wars are
getting caught up on the important points of private communication on
the net. The thing that puzzles me is how will Usenet survive after the
wars.

[Andy Burns]

Nic wrote:

> I never heard of Browsar

Me neither (it should be spelt with a Z not an S) looks like it's just an IE
wrapper, they claim it's great for banking or cloud apps

it doesn't work with my banks, office365, dropbox, or any part of google that
requires a sign-in

seems to barely work with amazon, all-in-all about as dead as I'd expect IE to
be nowadays

[Andy Burnelli]

Andy Burns wrote:

>> I never heard of Browsar
>
> Me neither (it should be spelt with a Z not an S)

My fault for spelling it with an "s", as it's BrowZar as in
<https://browzar.com/>
<https://browzar.com/keyfeatures.php>
<https://browzar.com/help.php>

As you can tell from your tests, it's somewhat unlike any other browser out
there in that it's small and it does stuff that it "says" is for privacy.

From their online FAQ:
*What is so different about Browzar?*
<https://browzar.com/help.php>
"Currently there is no way of privately surfing the internet that is as
simple to use as Browzar. All standard internet browsers by default store
information about what websites have been viewed and what you have
searched for. Browzar does not do any of this. It does not store any
history, cache or cookies and does not use auto-complete. This means
that people sharing a computer with others can enjoy the freedom to
surf in private."

However, note the police report which said that forensics still work.
<https://forensicsandsecurity.com/papers/PrivateWebBrowserForensics.pdf>

> looks like it's just an IE wrapper, they claim it's great for banking or cloud apps

Thank you for testing it as I had never heard of it until I saw it
mentioned in that police report, which I was perusing to learn more how
they do freeware forensics (which is how I found that police report).

As a side note, it's interesting the police concentrated on freeware, just
like I do! :)

That's interesting if it's IE based since most browsers are Chromium or
Mozilla based nowadays, as far as I know. How can you tell that it's IE?

Plus, it's just the executable and nothing else (apparently). Their online
FAQ says to delete it you just delete the executable and that's it. As I
recall, IE was a bitch to fully delete since it polluted the registry.

What's _different_ about Browzar is a whole bunch of things, one of which
is that there is no "installer" - there's just the executable and that's it
(although I didn't look to see if they muck with the System Registry keys).

What it says on its home page is also somewhat unique.
1. Doesn't save Cookies, History, Temp files, Passwords, Cache
2. Secure delete (upon every closing but the police found otherwise)
3. Great for Banking and Cloud applications (as you noted it claimed)
4. Automatically cleans up when you've finished (what does that mean?)
5. Carry it with you on a USB stick (that might be useful)

> it doesn't work with my banks, office365, dropbox, or any part of google that
> requires a sign-in

Thanks for testing that. I never sign in to banks, office365, or dropbox or
even Google (since I use Thunderbird for Google email) so I wouldn't have
known that BrowZar doesn't work for such sites.

But the Browzar online FAQ claims the following:
*How do banking websites work with Browzar?*
<https://browzar.com/help.php>
"You can use Browzar to securely do your electronic banking
just like you can with any other browser."

Do you have a suspicion as to why Browzar doesn't work with those sites?

> seems to barely work with amazon, all-in-all about as dead as I'd expect IE to
> be nowadays

Looking deeper into the online FAQ, it says this about banking & shopping:
*Does Browzar store cookies? If so, why?*
"Browzar only ever stores cookies temporarily, automatically deleting
them when you close the programme. For many sites, such as internet
banking or shopping sites, it is necessary to store cookies to keep
you logged into the site or hold shopping cart contents while you
perform your transactions.

If you visit a site using Browzar where a cookie for that site
already existed on the computer prior to you using Browzar,
the cookie will be ignored."

Do you think the reason Browzar didn't work well for you was related to the
banking & shopping sites wanting to have cookies previously stored on your
PC?

[Andy Burns]

Andy Burnelli wrote:

> How can you tell that it's IE?

In their FAQ, they say they can be such a small .exe because they rely on the IE
components being installed as part of windows, so they just invoke that as an
embedded window with their own skin around it ...

IE is so far behind now on HTML, CSS and JS features, I'd expect most sites to
be broken in some way.

[Andy Burnelli]

Andy Burns wrote:

> In their FAQ, they say they can be such a small .exe because they rely on the IE
> components being installed as part of windows

Ah. Good catch. Thanks. It's actually all over that FAQ & Help...
which I missed 'cuz I didn't read them. My bad. Your good. :)

Here are some of the IE references in the help & FAQ.

<https://browzar.com/help.php>
"Browzar is an IE shell browser"

"The minimum requirements for Browzar are: Windows 98 Second Edition (SE)
and Internet Explorer (IE) 5.5."

<https://browzar.com/keyfeatures.php>
"*Browzar is based on Internet Explorer*:
Love it or hate it: that's just the way it is. We decided to build
Browzar this way because wherever you go on the Planet, IE is likely
to be installed on any Windows PC. This means that the Browzar
software download can be kept very small (only 204K), and there's
no need for installation: unlike other Browsers, which are often
several Mbytes in size and require installation to run.
With Browzar you just click and go..."

"From version 2.0 onwards Browzar no longer supports the downloading
of ActiveX components. This is a security measure to protect you and
the computer you are using. If you visit a site which requires ActiveX,
Browzar will simply not download the ActiveX component. In the event
that you visit a site using Browzar which has already been visited
using Internet Explorer and an ActiveX component has already been
downloaded to the computer you are using, then this ActiveX component
will still run in Browzar."

"Auto-complete works a bit like predictive text. When you are inputting
a search term or web address to your computer it guesses what you are
going to search for based on things that you inputted in the past.
This instantly reveals sites that you have visited before to anyone
using your computer or looking over your shoulder when you are searching
the web. Browzar blocks auto-complete and doesn't remember what you
typed whilst you were browsing or searching. When someone next uses
IE on the computer which you last used Browzar, your search terms will
not appear in any auto-complete lists."

"Browzar deletes any cookies created during any Browzar session.
Cookies are deleted at the end of the Browzar session as part of
the Cleanup process.

With earlier versions of Browzar, we received complaints from users
that when visiting some web sites they would appear to be logged in
with someone else's details. This was due to the fact that previous us
of the PC with Internet Explorer users had visited sites and opted
to be 'remembered' when they returned to them and a cookie was placed
on the computer. Browzar simply read the cookies and displayed sites
in the logged in state.

The good news is that we have listened to our users and made it so
that Browzar now ignores any existing cookies. So now you won't see
anyone else's Amazon profile, Google e-mail, or anything like that.

Whilst using Browzar, if you choose a website to remember you, when
you close Browzar any cookies created during the Browzar session
are deleted"

"Browzar now has all the Function and Ctrl shortcuts available in
Internet Explorer."

etc.

[Chris]

On 17/05/2022 08:24, Andy Burnelli wrote:
>
> However, note the police report which said that forensics still work.
> <https://forensicsandsecurity.com/papers/PrivateWebBrowserForensics.pdf>

That's not a police report, it's a research paper published here:
Journal of Information Warfare, Volume 17, Number 1, 2018.

Allegedly, although I can't find it on the Journal's site.

>> looks like it's just an IE wrapper, they claim it's great for banking
>> or cloud apps
>
> Thank you for testing it as I had never heard of it until I saw it
> mentioned in that police report, which I was perusing to learn more how
> they do freeware forensics (which is how I found that police report).
>
> As a side note, it's interesting the police concentrated on freeware, just
> like I do! :)

The police don't. Researchers do as it's cheaper to do research that way.

[Andy Burnelli]

Chris wrote:

>> However, note the police report which said that forensics still work.
>> <https://forensicsandsecurity.com/papers/PrivateWebBrowserForensics.pdf>
>
> That's not a police report, it's a research paper published here:
> Journal of Information Warfare, Volume 17, Number 1, 2018.
>
> Allegedly, although I can't find it on the Journal's site.

Hmmm... I only ran into it while looking up freeware tools to do forensics
on the PC, but I just re-opened it and it said, right at the beginning,
"Ottawa Police" but I looked deeper and it has a small "1" next to it,
which indicates that the primary author "A Reed" works at the Ottawa Police
apparently, whereas the secondary & tertiary authors are at the "Forensics
and Security Research Group".

My bad. I apologize. I didn't take the police part too seriously anyway, as
the research paper seemed rather sophomoric for a professional publication.

For all I know, it could be just a final exam or whatever, since I only ran
into it while digging up forensic tools to test on Windows.

>> As a side note, it's interesting the police concentrated on freeware, just
>> like I do! :)
>
> The police don't. Researchers do as it's cheaper to do research that way.

I'm not sure how this trio is funded, but in the abstract they state:
"This study identifies the manner in which the browser functions
during use, where evidence can be recovered after use, as well
as the tools and effective presentation of the recovered material."

All I can say is that they're promulgating a half dozen freeware forensic
tools, which are the keywords that brought that research paper to my
attention - and - once in the research paper - they brought BrowZar to my
attention.

That's kind of how learning happens sometimes...
--
I simply asked about the brozar browser here, to learn more about it.

[Nic]

I would think that there are Linux versions that would work better at
looking at windows installations and the contents of a hard drive.