Taking private browsing to the next level.


Recommended Posts

Taking private browsing to the next level.


This guide is meant to help you keep people from snooping on your browser activities, locally on your computer. This is not meant to keep you anonymous on the internet. Icall it taking private browsing to the next level because I'm comparing it to the private browsing feature most of the browsers have. In that regard this give you so much more privacy with none of the sacrifices.

 

This year, web browsers started giving you the option to privately browse the internet without leaving a trace of your session on the computer.

What if you could have a browser session that is both private, doesn't leave a trace on the machine you are using, yet still lets you enjoy internet caching, favorites and everything a web browser can offer?

The first option that came to my mind was "Portable Firefox". A version of Firefox that doesn't need to be installed and can be run off of a any sort of removable device. This works pretty well, but anybody who has potential access to your removable device also has access to your "Portable Firefox" and everything you've been doing with it.

So I thought there had to be a way to make the device accessible to you and not someone else, even if they had access to it. So I thought, lets combine Portable Firefox with TrueCrypt. Even if someone had access to the device, they wouldn't be able to access the contents without first decrypting it using your password.

This guide will walk you through setting up a Truecrypt container on a removable device and then installing Portable Firefox onto it.
 

If you would rather watch a video on now to do it, rather than read, I made a video for you below.



Best if watched in 720p

First download and install TrueCrypt from the following website.
http://www.truecrypt.org/downloads

Part 1 Setting up your removable device as a Traveler Disc.

1) Plug in the removable device you wish to use with TrueCrypt.
2) Launch TrueCrypt
3) Click on the Tools.
4) Select "Traveler Disc Setup"

travlerdisksetup.jpg

In this next section we will be choosing the device we want to use. We won't be encrypting the entire device, just a file that TrueCrypt will use as the container .
5) Under "File Settings" Click the browse button

disksetup.jpg

6) Select the removable device you wish to use (Double check that you have the correct one selected) then click ok
7) Uncheck "Include TrueCrypt Volume Creation Wizard is checked" We'll do that next.
The autorun section gives you the option to have TrueCrypt automatically run when you insert the device into a computer.
8) Click the "Create "
9) Once complete click the close.

Part 2 Creating a TrueCrypt Volume

1) Click the Tools menu
2) Click "Volume Creation Wizard"

volumef.jpg

3) Select "Create an encrypted File Container"

choosei.jpg

4) Click Next
5) Select "Standard TrueCrypt Volume"

standardl.jpg

6) In the volume location box, type in the drive letter of your device along with the name you wish to use for the new TrueCrypt container (Example i:\firefox). Double check that you have it typed in correctly.

locatiuon.jpg

TrueCrypt also gives you the option of saving or never saving your history. When you open TrueCrypt off your removable device, do you always want the path to the last container you decrypted to default in?" I actually prefer it that way. Someone still has to know the password to unlock it. It's a pain in the butt to have to browse for the container each and every time. So I just have it remember it for me, but it's up to you.

7) Click Next
8) Select your type of encryption.

encript.jpg

9) Click Next
8) Now it's time choose how much of the device you wish use. If you are using the device just for Portable Firefox than go head and use all of it. If it's going to be a device that also has other things on it then just use some of it.

sizel.jpg

9) Click Next.
8) Type in the password you with to use.

passwordk.jpg

9) Click Next
10) Choose the type of file system you wish to use. Personally I'd recommend using "NTFS" This will not format your entire device. It will just format the file you will be storing all your stuff in. Once mounted that file will appear as a separate drive letter.

formatvz.jpg

11) Once ready click format.
12) Once complete close out to the main TrueCrypt screen.

Part 3: Mounting your TrueCrypt container.

To mount the container you can either use the version of TrueCrypt installed on your machine or the standalone version located in the "TrueCrypt" directory on your removable device.

1) Open TrueCrypt (which should still technically be open unless you closed it already)
2) Click the "Select File" button.
3) Browse to your device and double click the volume you just created (if you used the example I gave earlier, then it will be called Firefox). If done correctly in the volume box you should now see your drive letter along with the name of your container (example L:\firefox)
4) Click the "Mount" button.

mountc.jpg

5) Type in your password and click ok
6) Your encrypted container should now mount as its own drive letter (mine always mounts as J). You will see which letter it mounted as on the main TrueCrypt screen.

Well the hard part is done. We can now download portable Firefox and extract it to your device.

Part 4: Portable Firefox

1) Download portable Firefox from http://portableapps....irefox_portable
2) Once its down downloaded open it. It will ask you where you want to extract it to.

portablez.jpg

If your Truecrypt volume is already mounted you can extract it there. Personally I would recommend extracting it to a folder on your desktop and then pasting it onto your device. Doing so will put FirefoxPortable.exe on the root of your Truecrypt volume instead of inside a sub folder.

Holy crap we're done!!

Everything is all ready to go. When you mount your TrueCrypt volume and launch Firefoxportable.exe from the device it operates just like Firefox would if it was installed. Add-ons, cache, favorites, everything. Everywhere you browse and every site you look at is stored on this device and not the computer you are using. This portable browsing session can also be plugged into ANY computer. Meaning you can take this with you everywhere.

At this point open up FirefoxPortable.exe and download all of your favorite add-ons, import your bookmarks and set it up just how you like it. Once you are done and Firefox is closed you can unplug the device from your computer (Technically you should un mount it first, but I always just pull it out). Next time its plugged in your password has to be reentered in order to use it.

Enjoy

  • Like 2
Link to comment
Share on other sites

not a bad idea.

but if your using this on a machine that isnt your own, your gunna need admin access to run truecrypt before you can run firefox.

Unless you are running this in a corporate environment I don't see this being an issue. But you also have to be aware of how filthy peoples machines are.

Link to comment
Share on other sites

Unless you are running this in a corporate environment I don't see this being an issue. But you also have to be aware of how filthy peoples machines are.

What about school, libraries, and other public places? That's where you'd really want private browsing, but are least likely to have admin access.

Link to comment
Share on other sites

What about school, libraries, and other public places? That's where you'd really want private browsing, but are least likely to have admin access.

At my old school you couldn't run ANY of your own apps unless you used a portable HDD and even then I tried running firefox and I needed the schools proxy settings and ofc Internet Options was restricted.

Where I work I can run my own browser but had to get permission to do it as I HAAAAATE IE6 (makes me want to break down into a puddle of tears)!

Link to comment
Share on other sites

  • 3 weeks later...

Interesting concepts but I got one question: do you trust the machine your usb flash will run on and expose your data with? Kompressor, that indeed would be easier than making a truecrypt traveler usb disk which would require administration access. But again do you trust the computer you will access the cloud to? And what intrigues me about clouds, is whether your files and browsing experience is all saved in some data centre and issues of ownership arise.

Edited by zerrar
Link to comment
Share on other sites

Interesting concepts but I got one question: do you trust the machine your usb flash will run on and expose your data with? Kompressor, that indeed would be easier than making a truecrypt traveler usb disk which would require administration access. But again do you trust the computer you will access the cloud to? And what intrigues me about clouds, is whether your files and browsing experience is all saved in some data centre and issues of ownership arise.

Wether you want to use it on other peoples machines is up to you. Personally I just use this on my main machine.

Link to comment
Share on other sites

One more thing I think you should add to your guide:

The DNS cache is an easy way to view all of the websites you or another person just visited. To clear the DNS cache, create a .bat file with the following command:

ipconfig.exe /flushdns

Link to comment
Share on other sites

One more thing I think you should add to your guide:

The DNS cache is an easy way to view all of the websites you or another person just visited. To clear the DNS cache, create a .bat file with the following command:

ipconfig.exe /flushdns

What's the command to actually view the DNS cache?

Or you could set up the portable Firefox to use an hamachi proxy. That shouldn't leave any DNS trace would it?

Link to comment
Share on other sites

What's the command to actually view the DNS cache?

ipconfig /displaydns

I don't know about using a proxy. As long as it queries the DNS through the proxy, then it shouldn't leave any trace.

I got the tip from a LifeHacker article:

http://lifehacker.com/5395267/how-to-reall...leaving-a-trace

You could also disable the DNS Cache service (aka DNS Client). It's not required to query the DNS server. Firefox has its own DNS cache, which won't leak any information.

Link to comment
Share on other sites

You can disable dns caching : cmd> net stop dnscache

Private browsing can not be achieved on a shared/public computer, however. Simply because you wouldn't know what's running on that computer, a simple keylogger (legit software or malware) will be logging every keystroke... other scenarios/threats exist.

If its your own computer, then there's no need for portable FF or a pen-drive. If you're paranoid, full system encryption will mitigate physical access, some VPN solution will mitigate remote access.

Link to comment
Share on other sites

You can disable dns caching : cmd> net stop dnscache

Private browsing can not be achieved on a shared/public computer, however. Simply because you wouldn't know what's running on that computer, a simple keylogger (legit software or malware) will be logging every keystroke... other scenarios/threats exist.

If its your own computer, then there's no need for portable FF or a pen-drive. If you're paranoid, full system encryption will mitigate physical access, some VPN solution will mitigate remote access.

Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member.

That's just one example.

Link to comment
Share on other sites

Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member.

That's just one example.

That's a shared computer still. No guarantees you're not being spied over by your parents/kids. You'll have to do some serious forensics on that computer every time you think about plug-in in that pen-drive. A shared computer is not private.

Link to comment
Share on other sites

If you're on a shared computer, the best thing to do is to boot into a separate OS. Install the OS onto a separate partition or device (flash drive). Then encrypt it and configure it to use a proxy / VPN.

Link to comment
Share on other sites

All good suggestions but i'm happy with the results this method provides.

The problem with this kind of methods, is that it gives a false sense of privacy.

Another scenario: You're out of town, you needed to do some private browsing (say, book a flight through PayPal), you head to a shared computer, you roll in your live Linux CD with on-the-fly full encrypted pen-drive, setup access to your (home) VPN server, and begin your browsing. Once done, you disconnect from your VPN Server, dismount the pen-drive, eject the CD and head away happily. There should be no way your data have been compromised with that much of cautious measures, right ?! Wrong. You have missed the hardware key-logger installed inside the keyboard or attached to the keyboard's cable...etc.

Denial of physical access to a computer you use for private data (i.e private browsing...) is a must security measure. So again, a shared computer (company, family, public..) is not for private browsing.

Link to comment
Share on other sites

When you get right down to it, there's no way to be completely secure, your ISP still has a record after all. Here is how I've done it in the past.

Grab MacBook, Do full CarbonCopyCloner backup

Pack MacBook in nice backpack

Take holiday to Spain (No ISP would bother tracking ANYTHING there)

Boot Ubuntu via LiveCD

Download all the fraked up stuff you can ever hope for directly onto USB Stick and encrypt

Now, before coming back

DBAN CD 7-Pass Wipe

Restore CarbonCopyCloner backup

I think that's probably as secure as you're going to get without taking the:

Buy laptop, download stuff, use C4 Block to destroy laptop, method

Link to comment
Share on other sites

Lets say someone wanted to look up porn on their computer. But their family at times also uses their machine. Why couldn't they use portable firefox on a true crypt encrypted thumbstick just to look up their porn, yet still have the benifits of history, cache and favorites and cookies. When they are done looking up porn they dis mount and pull the thumbstick out of the computer. So no traces will ever be found by a family member.

That's just one example.

If you're worried about that just find a more private place to fap :p

Link to comment
Share on other sites

  • 1 month later...

Windows SteadyState: For shared computers and ultimate private browsing. Unfortuately it's not Windows 7 compatible.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.