
SecBrowser ™ in Microsoft Windows: A Security-hardened, Non-anonymous Browser

From Whonix




Info: This documentation was recently updated. If any problems are encountered, refer to this forum discussion: https://forums.whonix.org/t/disable-tor-in-torbrowser-9/8336

Introduction

SecBrowser ™ is a security-focused browser that provides better protection from exploits, thereby reducing the risk of infection from malicious, arbitrary code. A built-in security slider provides enhanced usability, as website features which increase the attack surface (like JavaScript) can be easily disabled. Since many of the features that are commonly exploited in browsers are disabled by default, SecBrowser ™'s attack surface is greatly reduced. Without any customization, SecBrowser ™’s default configuration offers better security than Firefox, Google Chrome or Microsoft Edge.[1] It also provides better protections from online tracking, fingerprinting and the linkability of activities across different websites.

SecBrowser ™ is a derivative of the Tor Browser Bundle (which itself is a derivative of Mozilla Firefox) but without Tor. This means that, unlike Tor Browser, SecBrowser ™ does not route traffic over the Tor network; its traffic is what is commonly called "clearnet" traffic. Even without the aid of the Tor network, SecBrowser ™ still benefits from the numerous patches that Tor developers have merged into the code base. Even with developer skills, these enhancements would be arduous and time-consuming to duplicate in other browsers, with the outcome unlikely to match SecBrowser ™'s many security benefits. While browser extensions can be installed to mitigate specific attack vectors, this ad hoc approach is insufficient. SecBrowser ™ leverages the experience and knowledge of skilled Tor Project developers, and the battle-tested Tor Browser.

Security Enhancements

Table: SecBrowser ™ Security and Privacy Benefits

| Feature | Description |
| --- | --- |
| Security Slider | Enables improved security by disabling certain web features that can be used as attack vectors.[2] |
| Default Tor Browser Add-ons | HTTPS Everywhere: This browser extension encrypts communications with many major websites, making your browsing more secure.[3] NoScript: NoScript can provide significant protection with the correct configuration.[4] NoScript blocks active (executable) web content and protects against cross-site scripting (XSS). "The add-on also offers specific countermeasures against security exploits". |
| Firejail (Linux only) | Firejail will be used as a sandboxing measure to restrict the SecBrowser process.[5] |
| Homograph Attack Protection | Fixes the internationalized domain name (IDN) homograph attack vulnerability present in standard Firefox and Tor Browser releases.[6][7] |
| Reproducible Builds | Build security is achieved through a reproducible build process that enables anyone to produce byte-for-byte identical binaries to the ones the Tor Project releases.[8][9] |
| WebRTC Disabled by Default | WebRTC can compromise the security of VPN tunnels, by exposing the external (real) IP address of a user.[10][11] |
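
The Homograph Attack Protection row, as an added example that is not part of the Whonix page or of Firefox / Tor Browser code: it computes the Punycode (xn--) form that the address bar shows for an IDN label once network.IDN_show_punycode is true, and reports which scripts each label uses. The hostnames, the names `inspectHost` and `scriptsOf`, and the three-script table are assumptions made for this sketch.

```javascript
// Added example, not Firefox or Tor Browser code. The hostnames are
// constructed samples under the reserved ".example" TLD.

// Scripts this sketch distinguishes; real confusable checks cover more.
const SCRIPTS = {
  Latin: /\p{Script=Latin}/u,
  Cyrillic: /\p{Script=Cyrillic}/u,
  Greek: /\p{Script=Greek}/u,
};

// Sorted list of the scripts used by the characters of one label.
function scriptsOf(label) {
  const found = new Set();
  for (const ch of label)
    for (const [name, re] of Object.entries(SCRIPTS))
      if (re.test(ch)) found.add(name);
  return [...found].sort();
}

// Per-label view of a hostname: the ASCII (Punycode) form computed by
// the WHATWG URL parser, whether the label is an IDN, and its scripts.
function inspectHost(host) {
  const asciiLabels = new URL("https://" + host).hostname.split(".");
  return host.split(".").map((label, i) => {
    const ascii = asciiLabels[i] || "";
    const scripts = scriptsOf(label);
    return {
      label,
      ascii,
      idn: ascii.startsWith("xn--"),
      scripts,
      mixedScript: scripts.length > 1,
      // Letters from a single non-Latin script only.
      wholeScriptNonLatin: scripts.length === 1 && scripts[0] !== "Latin",
    };
  });
}

const SAMPLES = [
  "www.example",                      // plain ASCII
  "ex\u0430mple.example",             // Latin with Cyrillic U+0430
  "\u0441\u043e\u0441\u043e.example", // all Cyrillic, renders like "coco"
];
for (const host of SAMPLES)
  for (const l of inspectHost(host))
    if (l.idn) console.log(`${host}: label displayed as ${l.ascii}`, l.scripts);
```

Any label reported with `idn: true` is one that the punycode setting displays in its `ascii` form instead of the look-alike Unicode text.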

Privacy and Fingerprinting Resistance

Research from a pool of 500,000 Internet users has shown that the vast majority (84%) have unique browser configurations and version information, which makes them trackable across the Internet. When Java or Flash is installed, this figure rises to 94%.[12] SecBrowser ™ shares its fingerprint with around three million other Tor Browser users, which allows people who use SecBrowser ™ to "blend in" with the larger population and better protect their privacy.

The EFF has found that while most browsers are uniquely fingerprintable, resistance is afforded via four methods:

  • Disabling JavaScript with tools like NoScript.
  • Use of Torbutton, which is bundled with SecBrowser ™ and enabled by default.
  • Use of mobile devices like Android and iPhone.
  • Corporate desktop machines which are clones of one another.

With JavaScript disabled, SecBrowser ™ provides significant resistance to browser fingerprinting.[13]

  • The User Agent is uniform for all Torbutton users.
  • Plugins are blocked.
  • The screen resolution is rounded down to 50 pixel multiples.
  • The timezone is set to GMT.
  • DOM Storage is cleared and disabled.

The EFF's Panopticlick fingerprint test shows that SecBrowser ™ resists fingerprinting.

Note: Because tracking techniques are complex, Panopticlick does not measure all forms of tracking and protection.

  • SecBrowser ™ conveys 6.26 bits of identifying information.
  • One in 76.46 browsers has the same fingerprint.
  • Browsers that convey fewer bits of identifying information are better at resisting fingerprinting.[14]

When Tor Browser's and SecBrowser ™'s HTTP headers are compared using Fingerprint Central's test suite, the results are nearly identical.

Table: Tor Browser vs SecBrowser ™ HTTP headers comparison.

Percentage (%) out of 1652 with fingerprints tags [Firefox,Windows]:

| Name | Value | TorBrowser (%) | SecBrowser ™ (%) |
| --- | --- | --- | --- |
| User-Agent | Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0 | 2.48 | 2.42 |
| Accept | text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 | 97.15 | 97.15 |
| Host | fpcentral.irisa.fr | 90.44 | 90.43 |
| Content-Length | | 100.00 | 100.00 |
| Accepted-Language | en-US,en;q=0.5 | 32.63 | 32.95 |
| Referer | https://fpcentral.irisa.fr/ | 69.37 | 69.35 |
| Upgrade-Insecure-Requests | 1 | 83.05 | 83.04 |
| Accepting-Encoding | gzip, deflate, br | 82.14 | 82.13 |
| Content-Type | | 100.00 | 100.00 |
| Connection | close | 100.00 | 100.00 |

SecBrowser Installation

Note:

  • Do not use these instructions inside Whonix ™.
  • Do not use these instructions inside a torified virtual machine because these instructions break Tor Browser's per tab stream isolation.
  • These instructions are only for use outside of Whonix; for example, browsing the internet non-anonymously using Tor Browser on a Windows platform. The user only benefits from Tor Browser's security features in this configuration.


The following guide provides steps to:

  1. Source Tor Browser
  2. Install Tor Browser
  3. Disable Tor
  4. Start Tor Browser
  5. Normalize SecBrowser ™ Behavior

Source Tor Browser

Download Tor Browser Installer for Windows

The Tor Browser Installer for Windows package will be downloaded and used to install Tor Browser.

1. Browse to https://www.torproject.org/download/

2. Download Tor Browser installer for Windows: Left "click" Windows icon → "click" Save file.

Install Tor Browser

Tor Browser installation is a simple process with Tor Browser Installer for Windows.

1. Choose the Tor Browser installation Path and language.

Navigate to the folder where torbrowser-install-win64-9.0.1_en-US was downloaded:

  • Double "click" torbrowser-install-win64-9.0.1_en-US → Select language → "click" OK → Choose Install Location → "click" OK → Choose Install Location → "click" Install.

Figure: Start Tor Browser Installer for Windows

Figure: Select Language

Figure: Choose Installation Location

Figure: Tor Browser Installing

2. Complete Tor Browser setup.

Once Tor Browser has been installed, a popup window will ask if a Start Menu and Desktop Shortcut should be added and if Tor Browser should be started once complete. Check ☑ both boxes and "click" Finish.

Figure: Tor Browser Installation Complete

3. Set network connections.

When Tor Browser starts for the first time it asks for "Tor Network Settings" to be set. Click Connect, then wait while the connection to Tor is completed. When Tor has successfully connected, Tor Browser will open and the necessary steps to configure SecBrowser ™ outlined below can be completed.

Figure: Configure Network Connection

Figure: Connecting to Tor Network

SecBrowser ™ Configuration

Warning: Disabling Tor means traffic will not be routed through the Tor network. Similar to other browsers, your IP address will be visible to any network observers or the recipients of any communications. This configuration is not anonymous.

Disable Tor

Tested Platforms

Windows 10

1. Disable Tor Launcher extension.

Create a new text file in the folder where Tor Browser was extracted. For example, the file could have the following name: Start TB without Tor.bat. Add the following text. [15] [16]

SET TOR_SKIP_LAUNCH=1
SET TOR_TRANSPROXY=1
"Start Tor Browser.lnk"

Save the file and exit.

2. Disable socks network DNS.

In the Tor Browser address bar, type about:config and press "Enter".

Next, in the search bar, type network.proxy.socks_remote_dns and press "Enter".

Then right-click true and Toggle to false.

Figure: about:config Warning

Figure: Disable Tor Browser Socks Proxy DNS

3. Close Tor Browser.

Start Tor Browser

Tor Browser can be started by launching the Start TB without Tor.bat batch file.

If configured correctly, Tor Browser will have a red background with a message stating "Something Went Wrong! Tor is not working in this browser."

Figure: Tor Browser "Something Went Wrong"

Normalizing SecBrowser ™ Behavior

Usability vs. Security

While SecBrowser ™ has numerous security enhancements, they can come at a cost of decreased usability. Since it is also highly configurable, security settings and behavior can be customized according to personal requirements. This is commonly referred to as a usability vs. security trade-off.

Tor Browser behavior can be modified by creating a user.js file in the Tor Browser default profile folder (profile.default). Users can then add custom settings to meet usability requirements.


Security Slider

SecBrowser ™ has a “Security Slider” in the shield menu. This can increase security by disabling certain web features that pose possible attack vectors. By default, the Tor Browser Security Slider is set to “Standard” which is the lowest security level. Conversely the SecBrowser ™ security level is set to "Safest" which will prevent some web pages from functioning properly, so security needs must be weighed against the degree of usability that is required. Users can adjust the security slider as needed to meet usability / security requirements.


Private Browsing Mode

In the default configuration Tor Browser has private browsing mode enabled. This setting prevents browsing and download history as well as cookies from remaining persistent across SecBrowser ™ restarts. However, private browsing mode can be disabled by setting browser.privatebrowsing.autostart to "false".

When private browsing mode is disabled, SecBrowser ™'s built-in "long-term linkability" protections are deactivated. This means users are vulnerable to attacks which can link activities between earlier and later browsing sessions. If privacy is paramount, users can enable private browsing mode by commenting out the corresponding user preference.


Persistent NoScript Settings

NoScript settings can be set to persist across browser restarts by setting extensions.torbutton.noscript_persist to "true". This is a security vs usability trade-off. If the SecBrowser ™ “Security Slider” setting is changed afterwards, all NoScript preferences are overridden and all custom, per-site settings are lost. This holds true regardless of whether the security setting was increased or decreased.


Remember Logins and Passwords for Sites

By default, Tor Browser does not save site login information such as user names or passwords. To save login information users can set signon.rememberSignons to "true", which allows user names and passwords to be saved across browser sessions.


Anti-tracking Extensions

If a user disables some of Tor Browser's own anti-tracking features (like private browsing mode; see above), then it is logical to install one or more extensions that make it harder to track later browsing. The extensions Disconnect, Privacy Badger [17] and uBlock Origin are all open-source and are generally recommended. Research which one(s) are most suitable in your circumstances; their use cases are different.

Modify Settings

1. To change the above settings, create a user.js file in the Tor Browser default profile folder (profile.default).

In the start menu, run:

notepad

Add the following text to modify all of the above settings, or cherry-pick those which meet your requirements. [18]

// Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
// See the file COPYING for copying conditions.

// Warning! These settings disable Tor. You will not be anonymous!

// Configure Tor Browser without Tor settings for an everyday use
// security hardened browser. Take advantage of its excellent
// enhancements for reducing linkability, that is, "the ability
// for a user's activity on one site to be linked with their
// activity on another site without their knowledge or explicit
// consent."
// - See https://www.whonix.org/wiki/SecBrowser

// Disable Torbutton and Torlauncher extensions
user_pref("extensions.torbutton.startup", false);
user_pref("extensions.torlauncher.start_tor", false);
user_pref("network.proxy.socks_remote_dns", false);

// Disable function torbutton source file:
// src/chrome/content/torbutton.js
// function: torbutton_do_tor_check
// and thereby also function: torbutton_initiate_remote_tor_check
// disables Control Port verification and remote Tor connection check.
user_pref("extensions.torbutton.test_enabled", false);

// Set security slider "Safest".
user_pref("extensions.torbutton.inserted_security_level", true);
user_pref("extensions.torbutton.security_slider", 1);

// Normalize Tor Browser behavior
user_pref("extensions.torbutton.noscript_persist", true);
user_pref("browser.privatebrowsing.autostart", false);

// Save passwords.
user_pref("signon.rememberSignons", true);

// Required for saving passwords.
// https://trac.torproject.org/projects/tor/ticket/30565#comment:7
user_pref("security.nocertdb", false);

// Disable Letterboxing.
// https://forums.whonix.org/t/is-anyone-having-white-bars-in-the-tbb-tor-browser-letterboxing/8345
// https://forums.whonix.org/t/secbrowser-a-security-hardened-non-anonymous-browser/3822/156
user_pref("privacy.resistFingerprinting.letterboxing", false);

// Enable punycode to fix
// very hard to notice Phishing Scam - Firefox / Tor Browser URL not showing real Domain Name - Homograph attack (Punycode).
// https://forums.whonix.org/t/very-hard-to-notice-phishing-scam-firefox-tor-browser-url-not-showing-real-domain-name-homograph-attack-punycode/8373
// https://forums.whonix.org/t/secbrowser-a-security-hardened-non-anonymous-browser/3822/162
user_pref("network.IDN_show_punycode", true);


Once settings have been added, "click" File → Save As...

Next, save the user.js file by first navigating to the default Tor Browser profile folder. A desktop starter was added during Tor Browser configuration, which is where the PATH/to/default/TorBrowser/profile/ begins:

  • "Click" Desktop → Tor Browser → Browser → TorBrowser → Data → Browser → profile.default → "Add" Filename: user.js → Save as type: All Files → "click" Save.

Figure: Create SecBrowser ™ Configuration File

Done!
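
One way to check the saved file, as an added example rather than Whonix code: the script parses user.js and lists which of the trade-offs described on this page it enables and which hardening settings it leaves unset. The names `parseUserJs` and `audit`, the finding labels and the sample file are constructed for illustration.

```javascript
// Added example, not Whonix or Tor Project code.
// Notes restate what this page says about each preference.
const TRADEOFFS = [
  ["extensions.torlauncher.start_tor", false,
    "Tor is not started: traffic is clearnet and not anonymous"],
  ["browser.privatebrowsing.autostart", false,
    "private browsing off: long-term linkability protections deactivated"],
  ["extensions.torbutton.noscript_persist", true,
    "NoScript settings persist until the Security Slider is changed"],
  ["signon.rememberSignons", true,
    "logins and passwords are saved across sessions"],
  ["privacy.resistFingerprinting.letterboxing", false,
    "letterboxing is disabled"],
];
const HARDENING = [
  ["extensions.torbutton.security_slider", 1,
    'user.js does not set the Security Slider to "Safest"'],
  ["network.IDN_show_punycode", true,
    "user.js does not enable punycode display (homograph protection)"],
];

// Read user_pref("name", value); lines. Lines commented out with //
// do not match, so a disabled preference counts as absent.
function parseUserJs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"[^"]*")\s*\)\s*;/;
  for (const line of text.split(/\r?\n/)) {
    const m = re.exec(line);
    if (!m) continue;
    const raw = m[2];
    const value = raw === "true" ? true : raw === "false" ? false
      : raw.startsWith('"') ? raw.slice(1, -1) : Number(raw);
    prefs.set(m[1], value);
  }
  return prefs;
}

function audit(text) {
  const prefs = parseUserJs(text);
  const out = [];
  for (const [name, value, note] of TRADEOFFS)
    if (prefs.get(name) === value) out.push({ name, kind: "tradeoff", note });
  for (const [name, value, note] of HARDENING)
    if (prefs.get(name) !== value) out.push({ name, kind: "hardening-missing", note });
  // The page's user.js marks security.nocertdb = false as required
  // for saving passwords.
  if (prefs.get("signon.rememberSignons") === true &&
      prefs.get("security.nocertdb") !== false)
    out.push({ name: "security.nocertdb", kind: "inconsistent",
      note: "rememberSignons is set but security.nocertdb is not false" });
  return out;
}

// Constructed sample user.js with two preferences commented out.
const SAMPLE = [
  'user_pref("extensions.torlauncher.start_tor", false);',
  'user_pref("extensions.torbutton.security_slider", 1);',
  'user_pref("browser.privatebrowsing.autostart", false);',
  'user_pref("signon.rememberSignons", true);',
  '// user_pref("security.nocertdb", false);',
  '// user_pref("network.IDN_show_punycode", true);',
].join("\n");
for (const f of audit(SAMPLE)) console.log(`[${f.kind}] ${f.name}: ${f.note}`);
```

Run it with Node.js, passing `audit` the text of the real user.js from the profile.default folder in place of `SAMPLE`.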

Non-Affiliation with The Tor Project

SecBrowser ™ is a derivative of Tor® Browser, produced independently from the Tor® anonymity software and carries no guarantee from The Tor® Project about quality, suitability or anything else.

Footnotes

  1. https://2019.www.torproject.org/projects/torbrowser/design/
  2. https://tb-manual.torproject.org/security-slider/
  3. https://www.eff.org/https-everywhere
  4. https://en.wikipedia.org/wiki/NoScript
  5. https://forums.whonix.org/t/automatically-firejailing-tor-browser/4767
  6. For further information, see: very hard to notice Phishing Scam - Firefox / Tor Browser URL not showing real Domain Name - Homograph attack (Punycode). Without this change, URLs can be spoofed so users are deceived about what remote server they are communicating with, via substitution of characters that look alike ('homographs').
  7. https://bugzilla.mozilla.org/show_bug.cgi?id=1332714
  8. https://2019.www.torproject.org/projects/torbrowser/design/
  9. https://blog.torproject.org/deterministic-builds-part-two-technical-details
  10. https://en.wikipedia.org/wiki/WebRTC#Concerns
  11. https://torrentfreak.com/huge-security-flaw-leaks-vpn-users-real-ip-addresses-150130/
  12. https://www.eff.org/deeplinks/2010/05/every-browser-unique-results-fom-panopticlick
  13. https://blog.torproject.org/effs-panopticlick-and-torbutton
  14. https://33bits.wordpress.com/about/
  15. It is necessary to set the SET TOR_SKIP_LAUNCH=1 environment variable, then start Tor Browser. The Tor Browser Launcher add-on will detect this, skip the connection wizard and skip launching Tor.
  16. https://forums.whonix.org/t/disable-tor-in-torbrowser-9/8336
  17. The browser might need to be restarted for it to work.



Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself.
