+Warwagon MVC Posted October 25, 2009 MVC Share Posted October 25, 2009 Taking private browsing to the next level. This guide is meant to help you keep people from snooping on your browser activities, locally on your computer. This is not meant to keep you anonymous on the internet. Icall it taking private browsing to the next level because I'm comparing it to the private browsing feature most of the browsers have. In that regard this give you so much more privacy with none of the sacrifices. This year, web browsers started giving you the option to privately browse the internet without leaving a trace of your session on the computer.What if you could have a browser session that is both private, doesn't leave a trace on the machine you are using, yet still lets you enjoy internet caching, favorites and everything a web browser can offer?The first option that came to my mind was "Portable Firefox". A version of Firefox that doesn't need to be installed and can be run off of a any sort of removable device. This works pretty well, but anybody who has potential access to your removable device also has access to your "Portable Firefox" and everything you've been doing with it.So I thought there had to be a way to make the device accessible to you and not someone else, even if they had access to it. So I thought, lets combine Portable Firefox with TrueCrypt. Even if someone had access to the device, they wouldn't be able to access the contents without first decrypting it using your password.This guide will walk you through setting up a Truecrypt container on a removable device and then installing Portable Firefox onto it. If you would rather watch a video on now to do it, rather than read, I made a video for you below. Best if watched in 720pFirst download and install TrueCrypt from the following website.http://www.truecrypt.org/downloadsPart 1 Setting up your removable device as a Traveler Disc.1) Plug in the removable device you wish to use with TrueCrypt.2) Launch TrueCrypt3) Click on the Tools.4) Select "Traveler Disc Setup"In this next section we will be choosing the device we want to use. We won't be encrypting the entire device, just a file that TrueCrypt will use as the container .5) Under "File Settings" Click the browse button6) Select the removable device you wish to use (Double check that you have the correct one selected) then click ok7) Uncheck "Include TrueCrypt Volume Creation Wizard is checked" We'll do that next.The autorun section gives you the option to have TrueCrypt automatically run when you insert the device into a computer.8) Click the "Create "9) Once complete click the close.Part 2 Creating a TrueCrypt Volume1) Click the Tools menu2) Click "Volume Creation Wizard"3) Select "Create an encrypted File Container"4) Click Next5) Select "Standard TrueCrypt Volume"6) In the volume location box, type in the drive letter of your device along with the name you wish to use for the new TrueCrypt container (Example i:\firefox). Double check that you have it typed in correctly.TrueCrypt also gives you the option of saving or never saving your history. When you open TrueCrypt off your removable device, do you always want the path to the last container you decrypted to default in?" I actually prefer it that way. Someone still has to know the password to unlock it. It's a pain in the butt to have to browse for the container each and every time. So I just have it remember it for me, but it's up to you.7) Click Next8) Select your type of encryption.9) Click Next8) Now it's time choose how much of the device you wish use. If you are using the device just for Portable Firefox than go head and use all of it. If it's going to be a device that also has other things on it then just use some of it.9) Click Next.8) Type in the password you with to use.9) Click Next10) Choose the type of file system you wish to use. Personally I'd recommend using "NTFS" This will not format your entire device. It will just format the file you will be storing all your stuff in. Once mounted that file will appear as a separate drive letter.11) Once ready click format.12) Once complete close out to the main TrueCrypt screen.Part 3: Mounting your TrueCrypt container.To mount the container you can either use the version of TrueCrypt installed on your machine or the standalone version located in the "TrueCrypt" directory on your removable device.1) Open TrueCrypt (which should still technically be open unless you closed it already)2) Click the "Select File" button.3) Browse to your device and double click the volume you just created (if you used the example I gave earlier, then it will be called Firefox). If done correctly in the volume box you should now see your drive letter along with the name of your container (example L:\firefox)4) Click the "Mount" button.5) Type in your password and click ok6) Your encrypted container should now mount as its own drive letter (mine always mounts as J). You will see which letter it mounted as on the main TrueCrypt screen.Well the hard part is done. We can now download portable Firefox and extract it to your device.Part 4: Portable Firefox1) Download portable Firefox from http://portableapps....irefox_portable2) Once its down downloaded open it. It will ask you where you want to extract it to.If your Truecrypt volume is already mounted you can extract it there. Personally I would recommend extracting it to a folder on your desktop and then pasting it onto your device. Doing so will put FirefoxPortable.exe on the root of your Truecrypt volume instead of inside a sub folder.Holy crap we're done!! Everything is all ready to go. When you mount your TrueCrypt volume and launch Firefoxportable.exe from the device it operates just like Firefox would if it was installed. Add-ons, cache, favorites, everything. Everywhere you browse and every site you look at is stored on this device and not the computer you are using. This portable browsing session can also be plugged into ANY computer. Meaning you can take this with you everywhere.At this point open up FirefoxPortable.exe and download all of your favorite add-ons, import your bookmarks and set it up just how you like it. Once you are done and Firefox is closed you can unplug the device from your computer (Technically you should un mount it first, but I always just pull it out). Next time its plugged in your password has to be reentered in order to use it.Enjoy Gerowen and garwin 2 Share Link to comment Share on other sites More sharing options...
+John Teacake MVC Posted October 25, 2009 MVC Share Posted October 25, 2009 Good Tutorial! Link to comment Share on other sites More sharing options...
Colin-uk Veteran Posted October 25, 2009 Veteran Share Posted October 25, 2009 not a bad idea. but if your using this on a machine that isnt your own, your gunna need admin access to run truecrypt before you can run firefox. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted October 25, 2009 Author MVC Share Posted October 25, 2009 not a bad idea. but if your using this on a machine that isnt your own, your gunna need admin access to run truecrypt before you can run firefox. Unless you are running this in a corporate environment I don't see this being an issue. But you also have to be aware of how filthy peoples machines are. Link to comment Share on other sites More sharing options...
DjmUK Posted October 25, 2009 Share Posted October 25, 2009 One creates a volume on the hard drive I'm using and then mount/unmount for each session. Link to comment Share on other sites More sharing options...
JoeyF Posted October 25, 2009 Share Posted October 25, 2009 Unless you are running this in a corporate environment I don't see this being an issue. But you also have to be aware of how filthy peoples machines are. What about school, libraries, and other public places? That's where you'd really want private browsing, but are least likely to have admin access. Link to comment Share on other sites More sharing options...
+Tyranade Subscriber² Posted October 25, 2009 Subscriber² Share Posted October 25, 2009 What about school, libraries, and other public places? That's where you'd really want private browsing, but are least likely to have admin access. At my old school you couldn't run ANY of your own apps unless you used a portable HDD and even then I tried running firefox and I needed the schools proxy settings and ofc Internet Options was restricted. Where I work I can run my own browser but had to get permission to do it as I HAAAAATE IE6 (makes me want to break down into a puddle of tears)! Link to comment Share on other sites More sharing options...
.Kompressor Posted November 12, 2009 Share Posted November 12, 2009 wouldn't browsing in a Cloud Operating System be safe also? http://eyeos.info/ http://www.thinkgos.com/ http://www.ajaxwindows.com/apps/windows/content/index.html http://www.glidedigital.com/ http://g.ho.st/main.jsp?language=en http://icloud.com/en/landing http://desktoptwo.com/ (seems offline or dead) Link to comment Share on other sites More sharing options...
zerrar Posted November 13, 2009 Share Posted November 13, 2009 (edited) Interesting concepts but I got one question: do you trust the machine your usb flash will run on and expose your data with? Kompressor, that indeed would be easier than making a truecrypt traveler usb disk which would require administration access. But again do you trust the computer you will access the cloud to? And what intrigues me about clouds, is whether your files and browsing experience is all saved in some data centre and issues of ownership arise. Edited November 13, 2009 by zerrar Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted November 13, 2009 Author MVC Share Posted November 13, 2009 Interesting concepts but I got one question: do you trust the machine your usb flash will run on and expose your data with? Kompressor, that indeed would be easier than making a truecrypt traveler usb disk which would require administration access. But again do you trust the computer you will access the cloud to? And what intrigues me about clouds, is whether your files and browsing experience is all saved in some data centre and issues of ownership arise. Wether you want to use it on other peoples machines is up to you. Personally I just use this on my main machine. Link to comment Share on other sites More sharing options...
+Xinok Subscriber² Posted November 13, 2009 Subscriber² Share Posted November 13, 2009 One more thing I think you should add to your guide: The DNS cache is an easy way to view all of the websites you or another person just visited. To clear the DNS cache, create a .bat file with the following command: ipconfig.exe /flushdns Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted November 13, 2009 Author MVC Share Posted November 13, 2009 One more thing I think you should add to your guide:The DNS cache is an easy way to view all of the websites you or another person just visited. To clear the DNS cache, create a .bat file with the following command: ipconfig.exe /flushdns What's the command to actually view the DNS cache? Or you could set up the portable Firefox to use an hamachi proxy. That shouldn't leave any DNS trace would it? Link to comment Share on other sites More sharing options...
Colin-uk Veteran Posted November 13, 2009 Veteran Share Posted November 13, 2009 to show dns cache: ipconfig /displaydns yes you will probly have to proxy your connection to stop dns leaks/traces. Link to comment Share on other sites More sharing options...
+Xinok Subscriber² Posted November 13, 2009 Subscriber² Share Posted November 13, 2009 What's the command to actually view the DNS cache? ipconfig /displaydns I don't know about using a proxy. As long as it queries the DNS through the proxy, then it shouldn't leave any trace. I got the tip from a LifeHacker article: http://lifehacker.com/5395267/how-to-reall...leaving-a-trace You could also disable the DNS Cache service (aka DNS Client). It's not required to query the DNS server. Firefox has its own DNS cache, which won't leak any information. Link to comment Share on other sites More sharing options...
_V_ Posted November 13, 2009 Share Posted November 13, 2009 You can disable dns caching : cmd> net stop dnscache Private browsing can not be achieved on a shared/public computer, however. Simply because you wouldn't know what's running on that computer, a simple keylogger (legit software or malware) will be logging every keystroke... other scenarios/threats exist. If its your own computer, then there's no need for portable FF or a pen-drive. If you're paranoid, full system encryption will mitigate physical access, some VPN solution will mitigate remote access. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted November 13, 2009 Author MVC Share Posted November 13, 2009 You can disable dns caching : cmd> net stop dnscachePrivate browsing can not be achieved on a shared/public computer, however. Simply because you wouldn't know what's running on that computer, a simple keylogger (legit software or malware) will be logging every keystroke... other scenarios/threats exist. If its your own computer, then there's no need for portable FF or a pen-drive. If you're paranoid, full system encryption will mitigate physical access, some VPN solution will mitigate remote access. Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member. That's just one example. Link to comment Share on other sites More sharing options...
_V_ Posted November 13, 2009 Share Posted November 13, 2009 Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member.That's just one example. That's a shared computer still. No guarantees you're not being spied over by your parents/kids. You'll have to do some serious forensics on that computer every time you think about plug-in in that pen-drive. A shared computer is not private. Link to comment Share on other sites More sharing options...
+Xinok Subscriber² Posted November 13, 2009 Subscriber² Share Posted November 13, 2009 If you're on a shared computer, the best thing to do is to boot into a separate OS. Install the OS onto a separate partition or device (flash drive). Then encrypt it and configure it to use a proxy / VPN. Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted November 13, 2009 Author MVC Share Posted November 13, 2009 All good suggestions but i'm happy with the results this method provides. Link to comment Share on other sites More sharing options...
_V_ Posted November 14, 2009 Share Posted November 14, 2009 All good suggestions but i'm happy with the results this method provides. The problem with this kind of methods, is that it gives a false sense of privacy. Another scenario: You're out of town, you needed to do some private browsing (say, book a flight through PayPal), you head to a shared computer, you roll in your live Linux CD with on-the-fly full encrypted pen-drive, setup access to your (home) VPN server, and begin your browsing. Once done, you disconnect from your VPN Server, dismount the pen-drive, eject the CD and head away happily. There should be no way your data have been compromised with that much of cautious measures, right ?! Wrong. You have missed the hardware key-logger installed inside the keyboard or attached to the keyboard's cable...etc. Denial of physical access to a computer you use for private data (i.e private browsing...) is a must security measure. So again, a shared computer (company, family, public..) is not for private browsing. Link to comment Share on other sites More sharing options...
cpressland2 Posted November 14, 2009 Share Posted November 14, 2009 When you get right down to it, there's no way to be completely secure, your ISP still has a record after all. Here is how I've done it in the past. Grab MacBook, Do full CarbonCopyCloner backup Pack MacBook in nice backpack Take holiday to Spain (No ISP would bother tracking ANYTHING there) Boot Ubuntu via LiveCD Download all the fraked up stuff you can ever hope for directly onto USB Stick and encrypt Now, before coming back DBAN CD 7-Pass Wipe Restore CarbonCopyCloner backup I think that's probably as secure as you're going to get without taking the: Buy laptop, download stuff, use C4 Block to destroy laptop, method Link to comment Share on other sites More sharing options...
Subject Delta Posted November 15, 2009 Share Posted November 15, 2009 Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member.That's just one example. If you're worried about that just find a more private place to fap :p Link to comment Share on other sites More sharing options...
spIdeZ Posted December 31, 2009 Share Posted December 31, 2009 For extra prive browsing I use Linux in VirtualBox. It has an added benefits of protecting against viruses from javascript. Link to comment Share on other sites More sharing options...
MS Bob 11 Posted January 1, 2010 Share Posted January 1, 2010 Windows SteadyState: For shared computers and ultimate private browsing. Unfortuately it's not Windows 7 compatible. Link to comment Share on other sites More sharing options...
c3ntury Posted January 2, 2010 Share Posted January 2, 2010 Nice tutorial, could be useful for schools.. Link to comment Share on other sites More sharing options...
Recommended Posts