[tor-talk] My solution to Tor Browser remember password bug

Edgar S EdgarS789 at Gmail.com
Fri Feb 28 17:25:54 UTC 2014


I've complained here before that the remember password feature in some 
long previous versions of Tor Browser no longer works. I've accepted it 
will likely never come back. So I've found the following solution. Maybe 
it will also work for others, discussion welcome.

In summary, I've installed a password manager, which I've gotten to work 
with the latest TBB and which also does not compromise security.

Recall that I have been running TBB in a PGPdisk on-the-fly encrypted 
partition, with a highly secure hard-to-guess passphrase. I have 
confidence, absent the passphrase, that the NSA, FBI, KGB, etc. cannot 
decrypt a PGP disk. It's not immune to "rubber-hose cryptanalysis," 
obtaining the passphrase via torture. Maybe also not black-bag 
cryptanalysis or exploiting security holes in Windows XP or covert 
installation of keyloggers, etc. Use of Truecrypt, with its hidden disk, 
and stress passphrase, might address some of that. I have not gone there.

The password manager I chose was RoboForm. I first tried Kaspersky's 
password manager, but could not find one that did not have all text in 
Russian, so it was useless to me.

Roboform can be obtained legitimately at Roboform.com. It can also be 
obtained for free, with a crack, at torrent sites.

Free versions of PGP do not support PGP disks, but PGP, AKA Symantec 
Encryption Desktop, version 10.3.0, does, and also supports both Windows 
XP and Windows 7. There are also free versions, with instructions on 
registering it for free, thus activating features like PGP Disk, 
available on torrent sites.

Roboform had one (to me) serious flaw: the password data location is 
always Windows' "My Documents" folder, which I had not been 
encrypting. I dealt with this by moving my PGD file to another partition 
and enlarging it, then moving the old encrypted partition to the new 
one, deleting the old partition, and assigning the same disk letter to 
the new encrypted partition. Then I re-allocated the My Documents folder 
to a new directory in the new encrypted partition. To do this, 
right-click on the My Documents icon on the desktop, then click 
"Properties," then click "Move" and select a location in a new folder on 
the new encrypted partition. Now the Roboform password data is in My 
Documents on an encrypted partition. The long passphrase need be entered 
only after a re-boot or manual dismount of the encrypted partition. 
Security between re-boots is provided by a moderately long passphrase to 
unlock Windows from the screen saver, which is activated by inactivity. 
Or Windows can be manually locked using two keys: the Windows logo 
key, present on most keyboards, then the letter L.

At present, Roboform does not install automatically on TBB, however it 
can be manually activated by clicking on the Roboform logo in the task 
area, clicking on browsers, then selecting the currently active TBB from 
the list. A Roboform bar will appear in the browser, and Roboform will 
prompt if you want to save the logon/password on any website where any 
are present. Roboform will make up a name based on the URL, but this can 
be renamed after the fact, and multiple logon entries can be organized 
into folders. The password data can also be edited after the fact. Note 
that if a Captcha is included in the logon, Roboform will save that 
also. Since it's different for each logon, you would want to manually 
remove that from the password entry.

Roboform automatically supports Firefox and Chrome outside of Tor. I've 
found that the built-in password features of those browsers don't work 
on more and more websites, which attempt to force you to enter passwords 
manually at each logon.

Roboform attempts to provide some security for the password data by 
prompting for creation/use of a "Master Password." But it will allow you 
to create new logon entries without one. Just click cancel when prompted 
for the master passphrase. It will then ask if you want to store the 
data entry without one. Since the password data itself is on an 
encrypted partition, you don't need another passphrase. I also store my 
PGP keyrings on this encrypted partition, so my secret PGP keys don't 
have passphrases either.

For future possibilities, both Truecrypt and PGP 10.3 support encrypting 
the boot partition. PGP also supports encrypting disks with a PGP key, 
rather than a passphrase. So if the keyring were moved to the boot disk, 
and other encrypted partitions were changed from passphrase to PGP key 
unlocking, this could stop bad guys at an even earlier stage, and 
Truecrypt's stress passphrase and hidden volume feature could provide 
added security in stress situations, such as passing through customs, 
where I was threatened with confiscation of my laptop if I didn't 
provide the passphrase to my encrypted partition. What I should have 
done was disable the automatic prompt for the passphrase, possibly 
rename the PGD files to something else, like random.dat, and the Customs 
goon wouldn't have even known there was an encrypted partition. Of 
course, this was all security theatre. If I had any really sensitive 
information, I could encrypt it and email it to myself, then delete it 
from the laptop.

An issue with encrypting the boot drive might be how to back it up. I 
currently use Paragon disk backup to backup a disk image while XP is 
running. I think that would not preserve the encryption, and I would 
have to re-encrypt after a restore. I could use a bootable CD to backup 
that partition, as I do now to restore it, but then it would also backup 
the page files and compression wouldn't work, so much longer time and 
space required. So I haven't gone there yet, and may not.

Again, any comments welcome.
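
The setup described above stands or falls on two things: that "My 
Documents" (and so the RoboForm data inside it) really resolves onto the 
mounted encrypted volume, and that the screen-saver lock relied on 
between reboots is actually switched on. The following PowerShell script 
is an added check for both; it is not from the original post or from 
RoboForm/PGP. The drive letter, the RoboForm data folder name and the 
idle-timeout limit are assumptions passed in as parameters. It reads the 
standard Windows shell-folder mapping and the screen-saver values under 
HKCU\Control Panel\Desktop and only reports; it changes nothing.

```powershell
# Added example (not from the original post): verify that the password
# store lives on the encrypted volume and that the idle lock is configured.
# Read-only. Works on the PowerShell 2.0 shipped for XP/Win7 (no -File switch).
param(
    [string]$EncryptedDrive = 'E:',                # ASSUMED letter of the mounted PGP Disk
    [string]$RoboFormFolder = 'My RoboForm Data',  # ASSUMED name of RoboForm's data folder
    [int]$MaxIdleSeconds   = 600                   # longest acceptable idle time before lock
)

$problems = @()

# 1. Where does "My Documents" actually point? The Explorer "Move" dialog
#    rewrites this shell-folder mapping; check it rather than trusting the icon.
$docs = [Environment]::GetFolderPath('MyDocuments')
$shellFolders = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
Write-Host "My Documents resolves to: $docs (registry Personal = $($shellFolders.Personal))"

$root = [System.IO.Path]::GetPathRoot($docs)
if (-not $root.StartsWith($EncryptedDrive, [StringComparison]::OrdinalIgnoreCase)) {
    $problems += "My Documents is on '$root', not on the encrypted volume $EncryptedDrive"
}

# 2. Is the encrypted volume mounted right now? If it is not, a path that
#    merely *names* that drive letter proves nothing.
if (-not (Test-Path "$EncryptedDrive\")) {
    $problems += "Encrypted volume $EncryptedDrive is not mounted"
}

# 3. Does the password store exist under that folder, and what is in it?
$store = Join-Path $docs $RoboFormFolder
if (Test-Path $store) {
    $files = @(Get-ChildItem -Path $store -Recurse -ErrorAction SilentlyContinue |
               Where-Object { -not $_.PSIsContainer })
    Write-Host ("RoboForm store: {0} ({1} files)" -f $store, $files.Count)
} else {
    $problems += "RoboForm data folder not found at $store (folder name is an assumption; check RoboForm's options)"
}

# 4. Between reboots the post relies on the screen saver lock. Windows keeps
#    that in three string values under HKCU\Control Panel\Desktop.
$desk = Get-ItemProperty 'HKCU:\Control Panel\Desktop'
if ($desk.ScreenSaveActive   -ne '1') { $problems += 'Screen saver is not enabled' }
if ($desk.ScreenSaverIsSecure -ne '1') { $problems += 'Screen saver does not require a password on resume' }
if ([int]$desk.ScreenSaveTimeOut -gt $MaxIdleSeconds) {
    $problems += "Screen saver timeout is $($desk.ScreenSaveTimeOut)s, longer than ${MaxIdleSeconds}s"
}

if ($problems.Count -eq 0) {
    Write-Host 'OK: password store is on the encrypted volume and the idle lock is configured.'
    exit 0
}
$problems | ForEach-Object { Write-Warning $_ }
exit 1
```

Run it after mounting the PGP Disk, e.g. 
`powershell -File Check-PasswordStore.ps1 -EncryptedDrive 'P:'`. A 
non-zero exit means at least one of the assumptions the setup depends on 
does not hold on this machine; a passing run after a reboot but before 
mounting the volume should fail on check 2, which is the behaviour you 
want.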

