[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] My solution to Tor Browser remember password bug

I've complained here before that the remember password feature in some long previous versions of Tor Browser no longer works. I've accepted it will likely never come back. So I've found the following solution. Maybe it will also work for others, discussion welcome.

In summary, I've installed a password manager, which I've gotten to work with the latest TBB, and also not compromise security.

Recall that I have been running TBB in a PGPdisk on-the-fly encrypted partition, with a highly secure hard-to-guess passphrase. I have confidence, absent the passphrase, that the NSA, FBI, KGB, etc. cannot decrypt a PGP disk. It's not immune to "rubber-hose cryptanalysis," obtaining the passphrase via torture. Maybe also not black-bag cryptanalysis or exploiting security holes in Windows XP or covert installation of keyloggers, etc. Use of Truecrypt, with its hidden disk, and stress passphrase, might address some of that. I have not gone there.

The password manager I chose was RoboForm. I first tried Kaspersky's password manager, but could not find one that did not have all text in Russian, so useless to me.

Roboform can be obtained legitimately at Roboform.com. It can also be obtained for free, with a crack, at torrent sites.

Free versions of PGP do not support PGP disks, but PGP AKA Symantec Encrypted Desktop, version 10.3.0 does, and also supports both Windows XP and Windows 7. There are also free versions, with instructions on registering it for free, thus activating features like PGP Disk, available on torrent sites.

Roboform had one (to me) serious flaw, the password data location is always located in Window's "My Document" folder, which I had not been encrypting. I dealt with this by moving my PGD file to another partition and enlarging it, then moving the old encrypted partition to the new one, deleting the old partition, and assigning the same disk letter to the new encrypted partition. Then I re-allocated the My Document folder to a new directory in the new encrypted partition. To do this, right-click on the My Documents icon on the desktop, then click "Properties," then click "move" and select a location in a new folder on the new encrypted partition. Now the Roboform password data is on My Documents on an encrypted partition. The long passphrase need be entered only after a re-boot or manual dismount of the encrypted partition. Security between re-boots is provided by a moderately long passphrase to unlock Windows from the screen saver, which is activated by inactivity. Or Windows can be manually locked via the using 2 keys, the Windows logo key present on most keyboards, then the letter L.

At present, Roboform does not install automatically on TBB, however it can be manually activated by clicking on the Roboform logo in the task area, clicking on browsers, then selecting the currently active TBB from the list. A Roboform bar will appear in the browser, and Roboform will prompt if you want to save the logon/password on any website where any are present. Roboform will make up a name based on the URL, but this can be renamed after the fact, and multiple logon entries can be organized into folders. The password data can also be edited after the fact. Note that if a Captcha is included in the logon, Roboform will save that also. Since it's different for each logon, you would want to manually remove that from the password entry.

Roboform supports automatically FireFox and Chrome outside of Tor. I've found that the built-in password features of those browsers don't work on more and more websites that attempt to force you to enter passwords manually each logon.

Roboform attempts to provide some security for the password data by prompting for creation/use of a "Master Password." But it will allow you to create new logon entries without one. Just click cancel when prompted for the master passphrase. It will then ask if you want to store the data entry without one. Since the password data itself is on an encrypted partition, you don't need another passphrase. I also store my PGP keyrings on this encrypted partition, so my secret PGP keys don't have passphrases either.

For future possibilities, both Truecrypt and PGP 10.3 support encrypting the boot partition. PGP also supports encrypting disks with a PGP key, rather than a passphrase. So if the keyring were moved to the boot disk, and other encrypted partitions were changed from passphrase to PGP key unlocking, this could stop bad guys at an even earlier stage, and Truecrypt's stress passphrase and hidden volume feature could provide added security in stress situations, such as passing through customs, where I was threatened with confiscation of my laptop if I didn't provide the passphrase to my encrypted partition. What I should have done was disable the automatic prompt for the passphrase, possibly rename the PGD files to something else, like random.dat, and the Customs goon wouldn't have even known there was an encrypted partition. Of course, this was all security theatre. If I had any really sensitive information, I could encrypt it and email it to myself, then delete it from the laptop.

An issue with encrypting the boot drive might be how to back it up. I currently use Paragon disk backup to backup a disk image while XP is running. I think that would not preserve the encryption, and I would have to re-encrypt after a restore. I could use a bootable CD to backup that partition, as I do now to restore it, but then it would also backup the page files and compression wouldn't work, so much longer time and space required. So I haven't gone there yet, and may not.

Again, any comments welcome.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to