SecBrowser FAQ

From Whonix

Whonix developers focus their efforts on advanced anonymity with Tor being a core component. Why develop a package that disables Tor?

Package tb-upater was developed with design goals focused on securely downloading and verifying Tor Browser. However, requirements for a new operating system under development -- a security focused OS based on Hardened Debian [archive] (Kicksecure) -- called for a security hardened clearnet browser. SecBrowser ™ (Tor Browser without Tor) met those requirements. Hence, the secbrowser wrapper that disables Tor was integrated into tb-updater and tb-starter.

What is Clearnet?

This term has two meanings:

  1. Connecting to the regular Internet without the use of Tor or other anonymity networks; and/or
  2. Connecting to regular servers which are not onion services, irrespective of whether Tor is used or not.

How does SecBrowser ™ disable Tor?

SecBrowser ™ supports custom user preferences "user_pref" which can be used to change browser configuration and behavior. In tb-starter the user preferences that disable Tor are located in /usr/share/secbrowser/user.js .[1][2] When SecBrowser ™ starts this file is copied over to the corresponding SecBrowser ™ profile where the custom user_pref(s) are parsed.[3]

Tor is disabled by setting the following three preferences to false.

user_pref("extensions.torbutton.startup", false);
user_pref("extensions.torlauncher.start_tor", false);
user_pref("network.proxy.socks_remote_dns", false);

SecBrowser ™ also sets various environment variables [archive] when started by its /usr/bin/secbrowser [archive] wrapper.

Can I use SecBrowser ™ in a Whonix-Workstation VM (anon-whonix)?

VMs behind Whonix-Gateway (sys-whonix) are always routed through Tor, meaning traffic would still be torified. However, this is strongly recommended against because using SecBrowser ™ will break Tor Browser's per tab stream isolation.

Can I use SecBrowser ™ in a VM torified by something other than Whonix to avoid Tor over Tor?

This is strongly recommended against because using SecBrowser ™ will break Tor Browser's per tab stream isolation. A complete implementation compatible with Tor Browser's per tab stream isolation would be much better.

Does the SecBrowser ™ option alter any other browser behavior?

No, the only changes to SecBrowser ™ are to the preferences previously shown.

Can I add my own custom preferences to change SecBrowser ™ behavior?

Yes, but this could degrade security and privacy. See: SecBrowser ™ Settings.

I have an idea to improve SecBrowser ™'s security. Can I submit a patch?

Many security enhancements, such as (in theory) adding compile time hardening options, need to be submitted upstream to The Tor Project. Patches to tb-updater, tb-starter or this wiki entry are always welcome!