SecBrowser: A Security-hardened, Non-anonymous Browser - DEPRECATED

Yes, because start-tor-browser (by Tor Project) doesn’t know about --clearnet. That is because only /usr/bin/torbrowser (by Whonix) had recently --clearnet implemented.

So only /usr/bin/torbrowser --clearnet makes sense.

/usr/bin/torbrowser --clearnet will set that automatically. (See also bash -x /usr/bin/torbrowser --clearnet)

I doubt that. Very Tor community specific. And ambiguous also. Has at least two meanings.

https://www.whonix.org/wiki/FAQ#What_is_Clearnet.3F

Yay.

Thanks for the offer, tough I think too much work and not much gain. So better safe the time.

Systemd method would start firefox as root as a service. But even systemd user services wouldn’t give us anything related to multiple user.js files.

Tor Browser 8.5 in Whonix no longer can save passwords (and it deleted all existing ones) allowed for savings passwords by default.

Untested.

Installed tb-updater with the latest commit and I was not able to set a master password which is required for Tor Browser to remember passwords.

Password Change Failed

Unable to change Master Password.

However, user names are remembered. Looks like one of our custom user.js prefs disables this function for Tor Browser without Tor.

I tested the instructions in Fedora-29. Interestingly, disabling private browsing mode is all that is needed to save passwords. Also torbrowser-launcher was removed from Debian testing (buster). So the only option is to install from Debian unstable (sid).

https://tracker.debian.org/pkg/torbrowser-launcher
https://packages.debian.org/sid/torbrowser-launcher

For Qubes Documentation I’m going to include instructions to install from Debian sid and a separate instructions using tb-updater. And the current Whonix tutorials will be updated as well.

Would be ok but any reason to keep torbrowser-launcher?

For simplicity I would suggest tb-updater all the way.

Can we please make this page https://www.whonix.org/wiki/Tor_Browser_without_Tor sound more exciting? That project did not catch on yet.

The security community is much bigger than the privacy/anonymity communities. If they know there was a hardened browser, a lot people would use it. Would be good to have help, attention and development support of the security community. Hardened Firefox should be a thing in the security community. But information spreads much less than one would expect nowadays. A public wiki page somewhere doesn’t necessarily lead to wide publication. It’s still like “a secret”.

To start this, is anyone up for aggregating primarily the security enhancements that Tor Browser implements? (Secondarily perhaps also privacy enhancements.) Perhaps a comparative table similar to https://www.whonix.org/wiki/Sdwdate#sdwdate_vs_ntp? Perhaps some libre licensed selfrandom images?

The Tor Browser doesn’t increase security from default Firefox except maybe changing the security sliders which can just be easily gotten on default Firefox. The sandboxed Tor Browser version has also been dead for a while now. I wouldn’t name it something related to security like that.

https://www.whonix.org/wiki/Tor_Browser_without_Tor mentions a few things.

Security enhancements:

• improved exploit protection through selfrando [4]
• disable WebRTC [5]
• security slider
• noscript installed by default
• reproducible builds

• To provide users with optional defense-in-depth against JavaScript and other potential exploit vectors, we also include NoScript.
  [6]

• We also modify several extension preferences from their defaults.
  [6]

• proxy and DNS configuration obedience
• Full RELRO [7]

Is there really no more to it? I haven’t reviewed all Tor Browser design docs yet or at least cannot recite that part. Anyone up to do that?

Does disabling WebRTC improve security? I know it leaks your IP but that’s more of an anonymity issue than a security one.

I never knew about the selfrando and relro. Those are interesting.

Not that I’m aware of. I’ve skimmed through the design doc before and never found anything that would improve security much,

There is this part but the only actual security feature would be the security slider that just changes a few about:config options.

madaidan via Whonix Forum:

Does disabling WebRTC improve security? I know it leaks your IP but that’s more of an anonymity issue than a security one.

The more gets disabled, the less attack surface.

There were a couple of vulns:
https://www.cvedetails.com/product/33499/Webrtc-Project-Webrtc.html?vendor_id=15802

So why mention WebRTC specifically? There are plenty of things that get disabled in the Tor Browser that could be considered as reducing attack surface.

Those were fixed years ago and there are very little.

WebRTC was previously shown to leak sensitive info when VPNs are used. VPNs are very popular. This could perk the interest of those users. WebRTC disabled

Unfortunately perception sometimes trumps reality.

madaidan via Whonix Forum:

So why mention WebRTC specifically? There are plenty of things that get disabled in the Tor Browser that could be considered as reducing attack surface.

No specific reason. Documentation / lack of research issue.

Maybe it should be changed to “Reduced attack surface”?

Reducing attack surface is a part of security enhancement.

I know, I meant that the “disabled WebRTC” part should probably be changed to “reduced attack surface” in the wiki as it isn’t just WebRTC that is disabled.

That’s ok, also to other examples would be useful generally.

We need a start menu icon for SecBrowser.