AOH :: ISN-2968.HTM

Browsing with Browzar

Browsing with Browzar
Browsing with Browzar


Unwrap the Hidden Benefits of Compliance 

Improve Software Quality and Reduce Costs 

Filtering the Spectrum of Internet Threats: Defending Against 
Inappropriate Content, Spyware, IM, and P2P at the Perimeter 

=== CONTENTS ==================================================
IN FOCUS: Browsing with Browzar 

   - Firefox 2.0 Beta 2 Released
   - Sunbelt Discontinues LanHound, Sells Customer Base
   - 9 Ways to Diagnose Windows 2003 IPsec Problems
   - Recent Security Vulnerabilities

   - Security Matters Blog: Microsoft Wants Your Help on Mobile 
   - FAQ: Hide Domain List During Logon
   - From the Forum: NTFS Permissions for Users with Multiple Group 
   - Share Your Security Tips
   - Microsoft Learning Paths for Security: A More Secure Platform 
Through Identity and Access Management

   - Filter Fights Spyware
   - Wanted: Your Reviews of Products 




=== SPONSOR: Quest Software ====================================
Unwrap the Hidden Benefits of Compliance
   If your compliance solutions only address compliance, you're not 
getting the most for your budget dollar. The new Quest Software white 
paper, "Leveraging Business Value from Compliance Efforts," offers 
expert tips for identifying compliance solutions with high business 
   Read the white paper now. 

=== IN FOCUS: Browsing with Browzar ===========================   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

There's a new Web browser in town and so far it looks pretty darn good, 
especially from a privacy perspective. However, there is a caveat, 
which I'll discuss in a moment. The new tool, called Browzar, is 
available free to anyone. The current version is only 264.4KB in size. 
That's not a misprint, it's really that small!

Browzar is billed as "the first ever 'freedom' Internet browser" 
because of the way it works: It doesn't save a cache, history, cookies, 
favorites, or other telltale information. When you close Browzar, any 
information that was temporarily stored is automatically deleted, so 
you don't need to remember to do that manually. 

Using Browzar is incredibly simple to use because it's contained in a 
single executable file, and technically you don't even need to install 
Browzar onto a system. If your system allows you to, you could just go 
to the Browzar site, click the download link, and tell the system to 
open the file and run it. 

I took Browzar for a test drive and surfed many Web sites. So far, I 
haven't found any problems with compatibility. Browzar is currently 
available for Windows 98 Second Edition and later, and requires 
Microsoft IE 5.5 or later to be installed on the computer. 

Obviously, Browzar gains a lot of its functionality based on the 
capabilities of an already-installed copy of IE. When I tested the 
tool, I found that it supports NTLM authentication, JavaScript, and 
other features such as Adobe Systems' .pdf files and Flash. Components 
to support the last two features were installed on the system I used to 
test-drive Browzar. 

A quick test also revealed that Browzar's reliance on IE extends to 
IE's security settings. For example, if ActiveX controls and scripting 
are disabled in IE, then sites that rely on those technologies won't 
work in Browzar either. 

Browzar's use of IE's rendering engine raises the question of just how 
secure Browzar really is. Browzar being based on IE could be a major 
drawback because many security vulnerabilities that affect IE will also 
affect Browzar. So keep this mind if and when you use it. Browzar is 
best suited for situations in which you want to make sure nobody will 
be able to easily recover your browsing history and other sensitive 
information that you might have entered while surfing various sites.

The only configuration settings available in Browzar are to have it 
check for updates (which is useful if you've copied it to any type of 
storage device) and to turn on or off the built-in pop-up blocker. The 
interface is clean and simple, providing only the typical address box 
along with the usual navigation buttons and a tiny search box at the 
top right of the screen, similar to that in Mozilla Firefox. The search 
box isn't configurable, so when you use it, your queries are sent to 
the Browzar site, which runs its own search engine. I noticed that a 
lot of the returned results are sponsored links. Of course, you're free 
to visit any search engine you want by entering its URL into the 
address box. 

You can get the Windows version now at the URL below. Versions are also 
planned for Mac OS X and Linux. 

Browzar will come in handy when you use shared computers, such as those 
found at libraries, hotels, conferences and conventions, coffee shops, 
and business partner and customer networks. Keep in mind that this 
newly released tool is still in beta development, so while it worked 
really well during my test, it does have bugs. For example, some people 
report that it doesn't delete all cached Web pages and others report 
that it sometimes might leave the last visited URL in IE's index.dat 
file. I confirmed the latter bug through my own tests but wasn't able 
to reproduce the first bug. 

=== SPONSOR: Klocwork ==========================================
Improve Software Quality and Reduce Costs
   New White Paper from Klocwork: Improve software quality and reduce 
life-cycle costs by incorporating Static Analysis tools into your 
routine development processes. Results: More maintainable code, more 
secure, reliable software and a more predictable development process. 
Download White Paper. 

=== SECURITY NEWS AND FEATURES ================================
Firefox 2.0 Beta 2 Released
   Mozilla Foundation announced the availability of Firefox 2.0 Beta 2, 
which includes many enhancements, including a few that improve the 
browser's security. 

Sunbelt Discontinues LanHound, Sells Customer Base
   Sunbelt Software will cease development and distribution of 
LanHound, the company's network analyzer product. Network Instruments 
is offering Sunbelt's LanHound customers its Observer product as a 
replacement for LanHound. 

9 Ways to Diagnose Windows 2003 IPsec Problems
   You've implemented IPsec to protect traffic on your organization's 
LAN, and although you've followed all the technical documents 
carefully, you aren't convinced that the traffic on your network is 
actually protected from eavesdroppers. How can you reassure yourself 
that IPsec is truly encrypting your computers' network traffic? Orin 
Thomas shows you how in this article on our Web site. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: St. Bernard Software =============================
Filtering the Spectrum of Internet Threats: Defending Against 
Inappropriate Content, Spyware, IM, and P2P at the Perimeter
   Examine the threats of allowing unwanted or offensive content into 
your network and learn about the technologies and methodologies to 
defend against inappropriate content, spyware, IM, and P2P. 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Microsoft Wants Your Help on Mobile Security
by Mark Joseph Edwards, 

Bill Canning, program manager for Microsoft Solutions for Security and 
Compliance, posted a message in the company's SecGuide blog asking for 
help in developing a solution to protect data on laptops against loss 
or theft. Read this blog item to find out how you can help. 

FAQ: Hide Domain List During Logon
by John Savill, 

Q: How can I use Group Policy to hide the domain drop-down list in the 
Windows logon dialog box? 

Find the answer at 

FROM THE FORUM: NTFS Permissions for Users with Multiple Group 
   A forum participant has a particular folder to which one user in a 
particular group needs read and write access but the rest of the group 
should not have access. He wonders how best to arrange NTFS permissions 
to accomplish that. Join the discussion at: 

   Share your security-related tips, comments, or problems and 
solutions in the Windows IT Security print newsletter's 
Reader to Reader column. Email your contributions to If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.

Identity and Access Management 
   Take the either/or scenario out of asset accessibility and security. 
By automating management, IT departments can reduce operational costs 
while improving security. Use the resources listed on the Microsoft 
Learning Paths Web page to get in-depth information about identity and 
access management--the simplified, secure sharing of digital identities 
across security boundaries. Find out how to provide a secure 
environment for managing user identities, authentication methods, and 
access rights across an organization's internal and external users. 

=== PRODUCTS ================================================== by Renee Munshi, 

Filter Fights Spyware
   NullBound announced the NullBound Malware Prevention System, a 
filtering system that watches Internet traffic for incoming spyware and 
blocks the malware from entering your network. You can download 
NullBound Malware Prevention System for free from the NullBound Web 
site and receive free monthly updates. Or you can purchase a 
subscription (a one-year subscription starts at $400 for up to 49 
users) and receive updates as soon as they're available. For more 
information, go to 

WANTED: your reviews of products you've tested and used in 
production. Send your experiences and ratings of products to and get a Best Buy gift certificate. 

=== RESOURCES AND EVENTS ======================================
   Attend the 2006 Cross Platform Data roadshows to learn about 
optimizing 64-bit database computing, business intelligence for SQL 
Server and Oracle, high-availability proof points for database 
computing, and implications of architectural differences between Oracle 
and SQL. Coming to 12 US cities in September and October. Connections Conference 
Now in its seventh year, Windows Connections returns November 6-9 to 
Mandalay Bay in Las Vegas. Don't miss your chance to interact with 
industry experts and hear the latest information on Windows Server 
2003, Windows 2000 Server, and Windows XP Professional! Register, then 
attend sessions at Microsoft Exchange Connections FREE! 

Are you protected company-wide against spyware, keyloggers, adware, and 
backdoor Trojan horses? Test a state-of-the-art scanning engine that 
uses threat signatures from multiple sources to track down the culprits 
that antivirus solutions alone can't protect you from. Download your 
free 30-day trial of CounterSpy Enterprise today! 

Ensure that you're being effective with your internal network security. 
Are your DIY options protecting you against worms, BotNets, Trojans and 
hackers? Make sure! On-Demand Web Seminar 

Take an up-to-date look at secure, remote access to corporate 
applications and stay ahead of the curve when making decisions about 
near- and long-term IT infrastructure. On-Demand Web Seminar 

=== FEATURED WHITE PAPER ======================================
Do you want to block unwanted or undesirable email? Download this free 
whitepaper to learn how to manage the content of information crossing 
your network. 

=== ANNOUNCEMENTS =============================================
Uncover Essential Windows Knowledge Through Excavator 
   Try out the ultimate vertical search tool--Windows Excavator. 
Windows Excavator gives you fast, thorough third-party information 
while filtering out unwanted content. Visit today! 

Discounted Offer for the Windows IT Pro Master CD 
   Save 50% off the Windows IT Pro Master CD! Order now and get access 
to the entire Windows IT Pro article database on CD. Subscribe now: 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and the Windows IT Security newsletter 
(subscribe at the second URL below).

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

HITBSecConf2006 - Malaysia 
The largest network security event in Asia 
32 internationally renowned speakers 
7 tracks of hands-on technical training sessions. 
Register now: 

Site design & layout copyright © 1986-2015 CodeGods