Feeds

Security experts cry foul over Browzar

Browser beware

5 things you didn’t know about cloud backup

Security experts are crying foul over a new supposedly secure browser application.

Browzar is promoted as an easy way for users to surf the web without leaving traces of sensitive information behind on their PCs. Critics say it fails to do what it says on the tin and, worse still, the software manipulates search results to push ads at users.

Browzar, according to its developers, is designed not to retain information. Browzar automatically deletes internet caches, histories, cookies. It doesn't use auto-complete forms, a feature that anticipates the search term or web address a user might enter.

Initially, we took these assurances at face value, but many problems with the software have since emerged.

Although positioned as a fully fledged browser application, Browzar is a simple "custom wrapper" and user interface for IE that inherits any problems an installed version of Internet Explorer might have, while adding some all of its own. The software is supposed to get rid of all records of sites surfers may have visited, along with cookies and history files relating to a Browzar session from users' PCs.

But Browzar does not clean up all traces of surfing as promised. Deleted files are not wiped and would be easy to recover - allowing anyone with a basic data recovery tool to access history, cookies or any other media downloaded using Browzar. Furthermore, because Browzar uses IE's ActiveX control, a list of browsed websites stills appear in the index.dat file. Browzar therefore, according to critics, offers a false sense of privacy protection.

As if that wasn't enough reason to be wary of the software, Browzar steers users towards the firm's own search page which allows the browser's developers to insert sponsored links intermixed with regular search results. Much of the criticism of Browzar has focused on its skewed search engine and the use of Browzar's website as the default (unchangeable) home page for surfers.

Based on this feature, security guru Bruce Schneier describes the software as ad-ware, a view backed up multiple assessments of the software by other security researchers (here and here).

Other applications, such as Sandboxie, which runs programs inside of a virtual "sandbox", offer a far better alternative to Browzar, the SANS Institute suggests.

Browzar's developers reject the ad-ware tag but say they are prepared to examine feedback, the BBC reports.

Ajaz Ahmed, founder of UK ISP Freeserve and the business brains behind Browzar, told the BBC: "This is not adware at all. Like every search engine, Browzar has sponsored advertising." ®

Next gen security for virtualised datacentres

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.