-
ICMag with help from Landrace Warden and The Vault is running a NEW contest in November! You can check it here. Prizes are seeds & forum premium access. Come join in!
H
hisser
Volga Budmen
Member
I think this will help! thanks
H
hisser
C
CouchGrass
Thanks for a great thread Hisser, most informative and helpful.
I've seen no mention of the Dell Kace browser while checking out the forum and thought I would give it a bit of a plug.
It's designed to work with Dell virtual servers and as a result it uses some leading edge ideas and technology which makes it suitable for use as a secure browser.
Trick 1 is that it is integrated into a sandbox. A sandbox ringfences the memory and disk usage of everything inside so that it cannot break out and see any other part of the pc.
This is currently the same kind of tech that is used in antivirus labs for working with new and unknown viruses so that they cannot harm the test computer. It is also the fundamental basis of the only anti tracking secure Linux distro (Qube OS), and is therefore pretty damn secure.
Trick 2 is that the bundled browser is a Dell customization of Firefox. The way it has been customized is to make a dummy filesystem which it then installs itself inside. This is pretty clever because most scripts are restricted to operations that can only be carried out from the browser subdirectory. As the dummy directories contain nothing else, there is nothing to query or find.
The whole package is a 90 meg download so the overheads are smaller than many other browsers, which means it runs as fast as any other browser I've used.
Installation is simplicity itself and you can then install the usual security addons from the Firefox add-ons dialog box.
It isn't as anonymous as TOR but it is so much faster that it has to be worth checking out, even if it is only to rule it out as a secure option.
I'd love to hear from techies who have a view on the underlying technology or from other Kace users about what they add to Firefox to bulk up security even further.
I've seen no mention of the Dell Kace browser while checking out the forum and thought I would give it a bit of a plug.
It's designed to work with Dell virtual servers and as a result it uses some leading edge ideas and technology which makes it suitable for use as a secure browser.
Trick 1 is that it is integrated into a sandbox. A sandbox ringfences the memory and disk usage of everything inside so that it cannot break out and see any other part of the pc.
This is currently the same kind of tech that is used in antivirus labs for working with new and unknown viruses so that they cannot harm the test computer. It is also the fundamental basis of the only anti tracking secure Linux distro (Qube OS), and is therefore pretty damn secure.
Trick 2 is that the bundled browser is a Dell customization of Firefox. The way it has been customized is to make a dummy filesystem which it then installs itself inside. This is pretty clever because most scripts are restricted to operations that can only be carried out from the browser subdirectory. As the dummy directories contain nothing else, there is nothing to query or find.
The whole package is a 90 meg download so the overheads are smaller than many other browsers, which means it runs as fast as any other browser I've used.
Installation is simplicity itself and you can then install the usual security addons from the Firefox add-ons dialog box.
It isn't as anonymous as TOR but it is so much faster that it has to be worth checking out, even if it is only to rule it out as a secure option.
I'd love to hear from techies who have a view on the underlying technology or from other Kace users about what they add to Firefox to bulk up security even further.
Volga Budmen
Member
great, getting a dell so hope I can try this. I have some anonymX add-on to firefox, anyone have any opinions on that? It told me I exceeded some 200 MB traffic limit and so they are slowing the speed or something, but still seems plenty fast enough to me.
C
CouchGrass
Hi Volga, the browser runs on any hardware with windows so far as I know. It works fine on my HP.
Anonymx is a good one. Most proxies seem to have a bandwidth limit so best practice is to only use them when you need to.
I also use Better Privacy as it deals specifically with the new class of cookies called supercookies. These are flash cookies so they can run system wide and do pretty much what they want. Normal cookie managers don't pick them up at all. It also deletes the flash index cookie which appears to store all sites visited that use flash code.
Anonymx is a good one. Most proxies seem to have a bandwidth limit so best practice is to only use them when you need to.
I also use Better Privacy as it deals specifically with the new class of cookies called supercookies. These are flash cookies so they can run system wide and do pretty much what they want. Normal cookie managers don't pick them up at all. It also deletes the flash index cookie which appears to store all sites visited that use flash code.
Volga Budmen
Member
thanks kindly couchgrass for all the great info!
H
hisser
H
hisser
C
CouchGrass
I'm always interested in free VPN's but this one got the elbow from me in double quick time.
It runs ok but after removing privatevpn.exe from startup it just started up anyway, without even needing to restore any of the registry entries. Don't know how it can do that.
Next I blocked all internet access for it using my firewall. On rebooting it had autostarted again and managed to upload 6 megs and download 8 megs of data within seconds of booting up.
Using task manager to end the service works for about a second and then it just starts itself up again.
I'm not specifically saying it is untrustworthy but anything that can ignore the 'block all network activity' setting in my firewall will be treated as a trojan.
H
hisser
There is no such file "privatevpn.exe" with this package, must be from somewhere else. It is also open source, so there's no hidden code anywhere.
Their servers use standard protocols, so you can use any compatible VPN client you trust instead, the difference is that their client gives you a bigger list of servers to choose from.
C
CouchGrass
My mistake Hisser, the file is called vpnclient.exe so please accept my apologies for that. Everything else I posted is correct, try the following steps for yourself..
End task of vpnclient.exe using task manager and confirm that it restarts itself immediately.
Disable all startup entries, restart pc and confirm that vpnclient.exe still starts automatically and is visible in task manager.
Block all network activity for vpnclient.exe in your firewall, reboot for changes to take effect and then confirm that vpnclient is still running with 20+ open connections.
I'm sure you will agree that many trojans are able to demonstrate very similar capabilities.
The softether.org page states that it is freeware and the source code is not available, so it cannot be classed as open source. The page also states..
SoftEther VPN has strong resistance against firewalls than ever.
Which would explain why it ignores my firewall rules. Sadly they don't explain on there why I'm communicating constantly with 20 pc's I know nothing about or how this helps to keep my details private. If you could shed any light on that I would be most grateful.
End task of vpnclient.exe using task manager and confirm that it restarts itself immediately.
Disable all startup entries, restart pc and confirm that vpnclient.exe still starts automatically and is visible in task manager.
Block all network activity for vpnclient.exe in your firewall, reboot for changes to take effect and then confirm that vpnclient is still running with 20+ open connections.
I'm sure you will agree that many trojans are able to demonstrate very similar capabilities.
The softether.org page states that it is freeware and the source code is not available, so it cannot be classed as open source. The page also states..
SoftEther VPN has strong resistance against firewalls than ever.
Which would explain why it ignores my firewall rules. Sadly they don't explain on there why I'm communicating constantly with 20 pc's I know nothing about or how this helps to keep my details private. If you could shed any light on that I would be most grateful.
A
Alone
What is EXIF Data? Is it true that anyone can look at the EXIF DATA on my pics I upload and find out where I live?
H
hisser
Have you tried uninstalling it or just removing it from startup? uninstalling works fine and there's no sign of vpnclient.exe after that.
Did you check the remote address the process is connected to? it should be connected to your localhost only unless you have connected to a vpn server manually, then it should show one of their addresses. there's no automatic connection on startup option for it, which means it is either an infected process or simply something that is disguised as a file named vpnclient.exe and has nothing to do with ethersoft or vpngate... I suggest doing malware scan using multiple scanners until you catch it.
Better use TCPView to know what it is connected to.
H
hisser
Search this thread for EXIF, it has been already discussed in previous posts.
H
hisser
http://epicbrowser.com/ Epic: A Privacy-Focused Web Browser. Based on chromium.
C
Conformist
Stop kidding yourselves, there's no such thing as being anonymous online.
The only way to be anonymous is by buying a laptop on craiglist while wearing a disguise, hack into someone's network, do your crap, disconnect, spoof your MAC address, watch the dude get raided and never ever use this computer unless you're on someone else's network.
And of course you have to make sure not to be seen or leave physical evidences behind.
The only way to be anonymous is by buying a laptop on craiglist while wearing a disguise, hack into someone's network, do your crap, disconnect, spoof your MAC address, watch the dude get raided and never ever use this computer unless you're on someone else's network.
And of course you have to make sure not to be seen or leave physical evidences behind.
i agree conformist. but we can encrypt our data thereby providing ourselves with a reasonable expectation of privacy and making it more difficult for authorities to know the specifics of such data. the metadata is out there though, which does make anonymity next to impossible. they can see who (ip address) we are communicating with rather easily and also pin down our identities. security and anonymity are different concepts.
