Friday, April 1, 2016

Browser: Digital cover and concealment

I originally posted this on LinkedIn, but I wanted to repost because last night I saw the movie, The American, (gift from Kathy's brother). There is a scene near the end where a sniper is setting up to shoot George Clooney and she is standing on a roof with the gun up against a gutter and my brain was screaming Oh Nooooo. She is not shooting from cover. Repeat after me, a line from another famous movie, The Shooter, "Snipers always shoot from cover".

Full credit for these ideas belongs to Glen Sharlun, former US Marine, SANS Instructor and friend, (, and I am using with permission. Let's start with a screen shot.

 I am sitting in Hawaii logged on to Yahoo. But look closer. All the content is personalized for South Africa. More on that shortly. Before I start, I have no financial relationship to Authentic8, but every once in a while a security technology looks like a game changer. On to Glen's observations and my comments.

Cover is protection from the fire of hostile weapons.
Concealment is protection from observation,..., but not from hostile fire.
-MCWP 3-11.1 4.1 So in the military/LEA (hell, any 'active shooter' scenario), the conversation almost always starts with 'immediately seek Cover and Concealment', when dealing with a hostile enemy.
  • Using a single standard browser is surfing without any (digital) Cover or Concealment
Funny, an hour before I received this email from Glen, I was bugging coworker to download the Opera browser. It is not perfect by any means, it is in bed with tons of trackers, but it has less vulnerabilities than Chrome and beats using a single browser.
  • Using multiple browsers is surfing with no (digital) cover, but some (digital) concealment.
= A lot of concealment actually. I mostly use a Mac with six different browsers on my desktop. In order to support and grade a SANS Technology Institute grad student project I slipped by Costco to get a Windows 10 box, that adds Edge, Internet Explorer, (needed for updates), Firefox/NoScript, (so I do have some cover), TOR, Chrome and Opera. I would assert I cannot be uniquely identified by my browser fingerprint.
  • Using Tor (or such) is no (digital) cover, but good (digital) concealment.
Especially if you click on that link right after you install to *really* be safe!
  • Using Silo is excellent (digital) cover, and good concealment.
A couple weeks ago, I got the love letter from OPM telling me my information had been compromised and wrote a LinkedIn post of the subject. One of the comments said that anyone involved in that adventure could get Silo for free for a year
Silo is a browser, but it is in the cloud. You don't get executable stuff, so drive by malware can't get you. It reminds me a bit of the Google Docs Viewer, so when you see spreadsheets, .pdfs or .docxs online, it opens them in Google Docs and simply displays them to Firefox, (which gives you some digital cover).
  • Using Toolbox is excellent (digital) cover and excellent (digital) concealment.

Toolbox is an upgrade to Silo. It is pretty cool. You can choose your browser fingerprint AND a bit like TOR, you can choose the point where you appear to have accessed the Internet. For the screenshot on this post, I chose South Africa which is why Yahoo is giving me .ZA regionalized ads and content. 

1/12/16 When I upgraded to El Capitan Pirisoft CCleaner quit working. I downloaded and installed it today. Keep in mind that I use the various browser's clear history function every couple of days. It took 875.836 seconds to clean 14, 609 files. That is a heck of a lot of state.


  1. Thanks Stephen...what do you think about Tails cover/concealment?

  2. You have discussed an interesting topic that every body should know. Very well explained with examples. i have found a similar websiteHigh Security Key visit the site to know more about Home - Securam