Feeds

Security experts cry foul over Browzar

Browser beware

Top 5 reasons to deploy VMware with Tegile

Security experts are crying foul over a new supposedly secure browser application.

Browzar is promoted as an easy way for users to surf the web without leaving traces of sensitive information behind on their PCs. Critics say it fails to do what it says on the tin and, worse still, the software manipulates search results to push ads at users.

Browzar, according to its developers, is designed not to retain information. Browzar automatically deletes internet caches, histories, cookies. It doesn't use auto-complete forms, a feature that anticipates the search term or web address a user might enter.

Initially, we took these assurances at face value, but many problems with the software have since emerged.

Although positioned as a fully fledged browser application, Browzar is a simple "custom wrapper" and user interface for IE that inherits any problems an installed version of Internet Explorer might have, while adding some all of its own. The software is supposed to get rid of all records of sites surfers may have visited, along with cookies and history files relating to a Browzar session from users' PCs.

But Browzar does not clean up all traces of surfing as promised. Deleted files are not wiped and would be easy to recover - allowing anyone with a basic data recovery tool to access history, cookies or any other media downloaded using Browzar. Furthermore, because Browzar uses IE's ActiveX control, a list of browsed websites stills appear in the index.dat file. Browzar therefore, according to critics, offers a false sense of privacy protection.

As if that wasn't enough reason to be wary of the software, Browzar steers users towards the firm's own search page which allows the browser's developers to insert sponsored links intermixed with regular search results. Much of the criticism of Browzar has focused on its skewed search engine and the use of Browzar's website as the default (unchangeable) home page for surfers.

Based on this feature, security guru Bruce Schneier describes the software as ad-ware, a view backed up multiple assessments of the software by other security researchers (here and here).

Other applications, such as Sandboxie, which runs programs inside of a virtual "sandbox", offer a far better alternative to Browzar, the SANS Institute suggests.

Browzar's developers reject the ad-ware tag but say they are prepared to examine feedback, the BBC reports.

Ajaz Ahmed, founder of UK ISP Freeserve and the business brains behind Browzar, told the BBC: "This is not adware at all. Like every search engine, Browzar has sponsored advertising." ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.