Browser Bubble

Complete Browser Isolation For Total Privacy And Security.

Browser Bubble is not released yet so these docs will likely change often.

What is it?

Browser Bubble is a Windows application that provides virtual machine-like isolation to a browser process without actually using a virtual machine. This allows Browser Bubble to offer a number of features that would typically require multiple tools all in a single, easy-to-use application that does not require any changes to your browser itself or your browsing behavior.

Why should I care?

The Internet can be dangerous. From ad trackers to compromised sites that serve malware, your privacy and security are constantly being tested. While the best protection is to use an actual virtual machine that has been configured with unique settings for each browsing instance, that is not an easy or lightweight solution for typical users. But the benefits of process isolation are many and shouldn't be limited to users who have the technical knowledge required to set up isolated environments.

Browser Bubble provides isolation without a virtual machine so that each browser instance is protected at the file system, network and browser application level to provide unique, safe and secure browser environments.

Get Started

The first thing to do is download Browser Bubble. The current release is:


Bubbles

The idea behind Browser Bubble is that each browser instance should be totally isolated from all other instances. For normal browser operations that is not the case. Modern browsers do not allow multiple independent instances of the same browser. For example, when you start Chrome a main instance will be created. If you double-click your Chrome icon again while it is still running, it does not start a separate Chrome process. Instead, the main instance will absorb the new instance. This is problematic for a number of reasons. And while browsers do provide profiles and, in Firefox's case, containers, there is still not enough lower-level isolation.

Browser Bubble fully isolates each executed instance of a browser so that each execution creates a completely separate process.


Separation by process allows Browser Bubble to redirect low-level I/O operations (file, network and registry) to further isolate each Bubble as well as give each Bubble a unique fingerprint to prevent tracking.


Setup

When running Browser Bubble for the first time, you'll be prompted to provide some initial settings. This includes specifying the default network adapter, which is used for VPN routing, along with the installed browsers and profiles that are used as the base for the Bubbles. Additionally, Browser Bubble needs to determine which sandbox technology to use.



There are two types that Browser Bubble implements, and each provides different functionality. The primary sandbox uses a virtual hard disk (VHD) file mounted as a drive when the Bubble runs. This leverages the 'diskpart.exe' Windows application to create, format and mount the VHD file. While this is a standard utility, diskpart may fail in some cases. In particular, popup errors stating that the drive needs to be formatted before use can occur, in which case the Bubble will fail to load.

The backup sandbox technology is to simply redirect file activity to a specific folder on the primary hard drive. While this is similar to the primary sandbox method, there are two main shortcomings. First, it does not support encryption because BitLocker does not provide per-file or per-folder encryption options. Second, it makes cleanup and transport of the profiles a little trickier.

As the actions are performed, the checkboxes will change to indicate a successful setting or test.



They will also change to indicate a failure result.



The image above with the red X's indicates that testing the primary sandbox feature failed, which will automatically fail the encryption test.

Even though Browser Bubble attempts to determine compatibility, you can still override the sandbox settings on the options page.


Browsers

Browser Bubble supports all Chromium based browsers as well as Firefox. When run for the first time, Browser Bubble will identify every installed browser on your system and ask for the profile path you want to base future Bubbles off of.



You can add other browsers or the same browser with a different profile path later but the initialization is just designed to get things started.



Once you have your browsers configured, you can move on to creating Bubbles. But you might be asking how Browser Bubble actually works. First, when it detects one of the configured and enabled browsers is started, it will intercept the execution to begin the Bubble process. If a browser is not configured or not enabled, then the browser will not be 'Bubble-ized' and continue to run normally. Browser Bubble will then inject code into the new browser instance in order to modify certain browser behaviors. It's important to note that none of the changes weaken or reduce any browser security. Additionally, Browser Bubble uses kernel-level drivers to monitor and, if necessary, change file, network and registry operations. The end result is that the browser process is fully isolated from other instances with unique characteristics.


Spoofing

Browser Bubble spoofing is not like extension-based spoofing. While Anti-Fp is powerful and provides a lot of features, all extension-based spoofing has shortcomings. Even the most advanced spoofing is still detectable due to the ways that the extensions interact with the page. As research by CreepJS and others has shown, small changes in JavaScript behaviors can be identified to detect the presence of extension-based spoofing. While it may not be enough to detect un-spoofed values, just the presence of spoofing may be enough to deny service or report activity.
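The kind of check the paragraph above refers to, as an added example (not code from Browser Bubble, Anti-Fp or CreepJS): it audits one accessor property for signs that it was redefined from JavaScript, which is useful for seeing what a spoofing setup exposes to a page. `Map.prototype.size` stands in for a browser accessor such as `navigator.hardwareConcurrency` so the file also runs under Node.js; `auditAccessor` and the finding labels are names chosen here.

```javascript
// Added example: what a page script can observe about one accessor property.
// In a browser the target would be (navigator, "hardwareConcurrency");
// Map#size is the stand-in because it is a native accessor in Node.js as well.
const nativeToString = Function.prototype.toString;
const hasOwn = (o, k) => Object.prototype.hasOwnProperty.call(o, k);

function auditAccessor(obj, prop) {
  const findings = [];
  // Platform accessors are inherited from the prototype. An own property on
  // the instance means it was redefined with defineProperty.
  if (hasOwn(obj, prop)) findings.push("own-property");

  // Find the object in the prototype chain that actually defines the property.
  let holder = obj;
  while (holder !== null && !hasOwn(holder, prop)) {
    holder = Object.getPrototypeOf(holder);
  }
  if (holder === null) return ["missing"];

  const getter = Object.getOwnPropertyDescriptor(holder, prop).get;
  if (typeof getter !== "function") {
    findings.push("data-property"); // accessor replaced by a plain value
    return findings;
  }
  // Built-in getters stringify as "function get x() { [native code] }".
  if (!/\{\s*\[native code\]\s*\}$/.test(nativeToString.call(getter))) {
    findings.push("non-native-source");
  }
  // Built-in getters are named "get <prop>" and have no own "prototype".
  if (getter.name !== `get ${prop}`) findings.push("getter-name");
  if (hasOwn(getter, "prototype")) findings.push("getter-has-prototype");
  // Built-in getters reject a receiver of the wrong type with a TypeError;
  // a script-defined getter usually returns its fixed value to anyone.
  try {
    getter.call({});
    findings.push("no-brand-check");
  } catch (err) {
    if (!(err instanceof TypeError)) findings.push("unexpected-error");
  }
  return findings;
}

// Constructed cases: an untouched object, an override on the instance, and a
// more careful override on the prototype that keeps the getter name intact.
function demo() {
  const results = {};
  results.untouched = auditAccessor(new Map([["k", 1]]), "size");

  const instanceSpoof = new Map([["k", 1]]);
  Object.defineProperty(instanceSpoof, "size", { get: () => 8, configurable: true });
  results.instanceOverride = auditAccessor(instanceSpoof, "size");

  const original = Object.getOwnPropertyDescriptor(Map.prototype, "size");
  const careful = Object.getOwnPropertyDescriptor({ get size() { return 8; } }, "size");
  try {
    Object.defineProperty(Map.prototype, "size", { get: careful.get, configurable: true });
    results.prototypeOverride = auditAccessor(new Map(), "size");
  } finally {
    Object.defineProperty(Map.prototype, "size", original); // always restore
  }
  return results;
}

console.log(demo());
```

An empty list means the accessor looks like the platform's own; the careful prototype override still leaves two findings even though its name matches.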

Browser Bubble exposes 16 setting categories that change the browser's fingerprint at a much lower level than what can be achieved through an extension. Because the deceptions work at such a low level, the browser itself believes the new information and will adjust accordingly. For example, setting the Windows version to something other than the actual version may cause the browser interface to display differently. Also, modifying the screen size settings may change how the browser renders objects. Therefore, proper tuning is necessary.

But this is what gives Browser Bubble its realism. When the browser itself believes the values, anti-anti-fingerprinting has no chance to detect the spoofing unless totally unusual values are provided. The 16 categories of spoof settings include:

  • Battery
    Spoof the system power status. Set if the device is plugged-in or on battery power along with battery levels. This setting only applies to Chromium browsers.
  • CPU
    Spoof the system CPU thread count. Typical values are 2, 4, 8 but you can pick any value greater than 0.
  • Fonts
    Set the browser font profile based on a specific Windows version or define a custom profile.
  • Language
    Set one or more language values that apply to both the 'Accept' header and the locale. Note that your browser text and the pages being served will become localized in the selected language.
  • Math
    Modify certain math calculations to add a slight jitter.
  • Media
    Change how media devices are identified. Device enumeration can be blocked or the devices can be renamed and parameters spoofed.
  • Memory
    Spoof the system memory size. Only Chromium browsers actually expose this value to JavaScript.
  • Network
    Modify the type of network connection to be either Ethernet or Wifi.
  • Performance Timer
    Modify certain performance related timers to add a slight jitter.
  • Screen
    Modify the reported screen size that the browser thinks it is running on.
  • Speech
    Create custom speech voice profiles.
  • Time
    Set the browser time zone.
  • Touch Points
    Set the number of touch points.
  • WebGL
    Modify WebGL images to add a slight randomness. Additionally, different WebGL feature levels can be set.
  • WebRTC
    Block WebRTC requests at the network level.
  • Windows Version
    Choose between Windows 7, 8, 8.1 and 10.

With this list of options, completely unique browser fingerprints can be generated with 100% realism. However, you might be asking why some types of spoof settings are not available, such as canvas or user-agent.

First, it's important to understand what Browser Bubble is designed for. It is designed to protect your privacy and security. It is not designed to make you anonymous and was not designed for automation purposes. Consequently, not all spoof settings are necessary or even needed.

Second, Browser Bubble makes no attempt to radically change your OS or browser type. If you are using Firefox on Windows, then your Bubble will continue to show Firefox on Windows. While you can change the specific Windows version, you cannot make it appear as Linux for example. And because Browser Bubble is a desktop application, no Bubble will project as a mobile based system.

In the specific case of user-agent, modification of the Windows version will change your user-agent string because part of the string contains the version of Windows the browser is running on. But the browser version remains unchanged. Again, this is by design and we have no plans to change it.

Canvas is very similar. There are a lot of misperceptions about canvas tracking and canvas uniqueness. In reality, canvas is not unique nor a very good tracking signal. Canvas output is determined by the browser's drawing library and is not system unique. You can run an experiment to see for yourself. On two different systems, install the same version of a browser and test your canvas fingerprint. They will be the same. So, in fact, canvas is only really useful to identify the browser type but because Browser Bubble does not change your browser type, there is no need or actual good reason to change a value that can give away the fact that deception is being used.

Related to that, recent changes to Chromium (starting around version 90) have made some types of fingerprinting more difficult. Chromium introduced a standard math library that provides consistent outputs across OS versions and platforms.

"This will be used to mitigate Web Audio fingerprinting by using the same math library across OS versions and platforms."

Chromium Developer - 29 Jan 2021

There are other tracking methods, such as HSTS, ETag and favicon, that are defeated by the isolation and ephemeral nature of the Bubbles so Browser Bubble does not need to expose any options to be set.

Again, Browser Bubble is designed for privacy and security with the goal of making the deceptions as realistic as possible. Modifying some settings is a dead giveaway that protection is being used and that in itself is problematic.

If you have questions about other settings, please send us an email.


BitLocker

Browser Bubble separates Bubbles on the file system through the use of virtual disks. When a new bubble is started, a new virtual disk is created so that all browser file activity can be re-directed. There is an option to encrypt these virtual disks by using BitLocker so that all data will be protected when not in use. If your system does not support BitLocker encryption then this will not work.

BitLocker encryption requires Windows Pro, Enterprise or Education editions. Home edition does not support encryption. Additionally, a Trusted Platform Module (TPM) 2.0 is also necessary. UEFI settings may also need to be configured. If encryption does not work, please do your own research to ensure your system supports BitLocker encryption in the first place before contacting us for support.


Actions

Browser Bubble supports actions that allow you to automatically run additional programs at certain points in time so that you can integrate additional capabilities with Browser Bubble. A common use case for these actions would be to set up and then tear down a VPN connection.

There are three points in a Bubble's lifecycle at which an action can be configured and executed.

  • Pre-Launch: The action will execute after Browser Bubble was notified that a browser was loading but before the browser is executing.
  • Post-Launch: The action will execute after Browser Bubble has successfully configured the Bubble and released the browser application. If Bubble setup fails for any reason, this action will not execute.
  • Shutdown: The action will execute when the browser is closing.


During the pre-launch action, Browser Bubble provides a number of settings to control the action in order to influence the Bubble creation. When configuring an action, you can set it to not wait, in which case the action will be executed asynchronously with the Bubble creation. You can set it to wait, in which case the Bubble creation will pause until the action program has completed. And finally, you can have it wait and evaluate, which, like the wait option, makes the Bubble creation pause, but then the action output, both the exit code and any captured standard output, can be tested to provide a simple evaluation of whether the Bubble should continue. There is also a timeout option that can be set for the two wait options so that the Bubble isn't waiting indefinitely. If you set a wait option, it's important to ensure that whatever program is used for the action will complete in a reasonable amount of time and produce evaluable output. The action configuration form, as seen below, provides a testing mechanism so you can configure the action and ensure that it works as intended.


Quick Bubbles

You're busy. We get it. So Browser Bubble makes it easy to quickly create random Bubbles with minimal settings. These 'Quick Bubbles' can be generated against a browser profile with unique fingerprint options.



First, simply pick the browser you want to use and then tell Browser Bubble how many Bubbles you want generated. Additionally, you can have Browser Bubble automatically create shortcut icons for each of the newly created Bubbles.



Once generated, the new Bubbles will appear in the 'Saved Bubble' list and can be modified, deleted or executed.



More advanced settings, such as DNS, proxy, VPN, etc, are not set when generated but can be configured later.


Anti-Exploit

Browser Bubble implements additional checks on browser activity to ensure that nothing potentially malicious is executed. Generally when a browser exploit runs, the exploit code will attempt to either move to another process's address space or simply launch a new program to carry out additional functionality. Browser Bubble monitors browser behavior to look for signs of possible infection and, if detected, blocks the activity. Anti-exploit protection can be applied to specific Bubbles or not at all. And while there are some smart heuristics in use, there is always the possibility of false positives, so anti-exploit protection can be toggled on or off globally as needed.

Browser Bubble Anti-Exploit is designed for very specific exploit use cases. It should not be considered a substitute for other security tools so please protect yourself as needed.


DNS Filtering

Browser Bubble provides two modes for enhanced DNS protection. The first mode is to simply configure the browser, at runtime, with a secure DNS provider. The second mode is to use Browser Bubble's own DNS resolver. There are pros and cons to each method so it's important to understand the differences.

The first method allows you to easily change the DNS provider while the browser is running by simply updating the browser settings. This method is also more efficient than Browser Bubble's resolver because of the extra steps involved with capturing and re-routing requests. The downside to the native browser method is that network filtering is not possible because the DNS request will already be encrypted by the time Browser Bubble is able to see it. So, if you want enhanced network filtering using the native browser DNS settings, you will need to have a third-party firewall to block the actual network connections.

Browser Bubble provides a logging mechanism so that you can see all the DNS requests being made from a Bubble.

For the network filtering list, you can provide your own list of IP addresses and domains to block or you can let Browser Bubble sync with a public list of known bad values.


Proxying

Browser Bubble can be configured with a list of proxies that can be used on a per-Bubble basis. Simply assign one or more proxies to a Bubble and Browser Bubble will force the browser to use said proxies by updating the browser's preferences. Because the proxy setting is applied at the browser level, you can use the browser's setting to modify the settings if necessary without having to relaunch the Bubble.




VPN Routing

In addition to proxies, Browser Bubble can also route network traffic through specific VPN connections on your system. If you run multiple VPNs at the same time, this is useful to ensure that a specific Bubble is using a specific connection.

Whatever VPN provider you use, as long as it creates a network adapter that Browser Bubble can identify, then the Bubble traffic can be routed through it. Browser Bubble does not provide VPN services at this time.




Creating a Bubble

Now that we have described the available settings for a Bubble, we can now discuss how to create one.

To start, click the plus (+) icon in the 'Saved Bubbles' box on the left hand side of the main window.


When clicked, a new Bubble profile window will open.


Here is where you fill in Bubble details such as the name and the browser it should target. Each Bubble must be associated with a specific browser. You can also configure BitLocker protection, spoofing, DNS, proxy and VPN settings. While it's best to configure everything initially, most of these values can be overridden at the point of Bubble launch if you choose to do so.

You have the option of having Browser Bubble generate a spoofing profile for you; however, you can also manually set spoof values.


Once you are happy with your Bubble, click the 'Ok' button to save it. It will then appear in the 'Saved Bubbles' list on the main form.


Run a Bubble

One thing that makes Browser Bubble so useful is that it does not require you to do anything different when you want to launch a Bubble. You can simply run your regular browser however you normally do it. When the browser is loaded, Browser Bubble will intercept the execution and then present a window asking which Bubble should be applied.


If you don't want to deal with the Bubble picker then you can create Bubble shortcuts.


These shortcuts can be used just like any other shortcut but when run will automatically run the browser inside the specified Bubble. This makes it incredibly easy to create and launch numerous Bubbles without any behavior change.

Once a Bubble is running, it may not be evident. Additionally, with multiple Bubbles running at the same time, it can be hard to keep track of which Bubble is which. To help alleviate those issues, you can set a color on a profile, which will cause that browser instance to be drawn with a colored border when it is the active window.


Browser Bubble does provide a listing of all running Bubbles on the main window with a counter that will update as new Bubbles are launched and closed.


Options

Browser Bubble exposes a number of options to make management of your Bubbles easier.

  • Automatically bubble-ize enabled browsers.
    When any enabled browser is executed, Browser Bubble will automatically 'Bubble-ize' the new instance with the default Bubble. If no default Bubble is set, then you will be notified to pick a Bubble. If this option is disabled then only browsers executed through this application or available shortcuts will be run in a Bubble.
  • Block network access on browser load.
    To prevent data leakage, Browser Bubble can block browser network connectivity until you decide it should connect.
  • Confirm when closing Browser Bubble.
    Ask before Browser Bubble closes. If enabled, you'll be prompted when you click the X button. If disabled, Browser Bubble will close without notice.
  • Delete browser sandbox data.
    The browser sandbox will be deleted when the browser instance closes. If disabled, then the sandbox data will persist in the temporary directory until it is manually deleted.
  • Lock settings on minimize.
    Protect your settings with a password. If enabled, the password must be entered when Browser Bubble starts and after it has been minimized.
  • Manually install font files.
    Due to licensing issues, Browser Bubble cannot come pre-installed with fonts from different Windows versions. While Browser Bubble can still spoof fonts without the underlying font files, it is more realistic if they are available. You can manually install these files if you have them available.
  • Terminate browsers on Browser Bubble close.
    Browser Bubble enabled browsers will be automatically closed when Browser Bubble closes. If enabled, any browser monitored by Browser Bubble will be terminated on close.


Fonts

Due to licensing issues, Browser Bubble cannot come pre-installed with fonts from different Windows versions. While Browser Bubble can still spoof fonts without the underlying font files, it is more realistic if they are available. However, you can manually install these files if you have them available.

Browser Bubble has a list of all installed fonts for Windows 7, 8, 8.1 and 10. In order to "install" the fonts, simply place the font files all in a single directory. Browser Bubble will then compare what is expected for that Windows version against the files found in the selected directory. If the font file can be found, then Browser Bubble will move the file to its own font sub-directory.

If you want to create a font profile that does not mirror a valid Windows profile, you can do that as well. But it's important to understand how powerful font tracking can be. A few unique, non-standard fonts can be enough of a signal to make you highly trackable so you really need to consider the reasons why you want to create a custom font profile.


Service Compatibility

There are three default Windows services that Browser Bubble will stop when it loads and then restart when it exits. These are:

  • DNS Client
  • Font Cache
  • Shell Hardware Detection

These particular services provide caching and convenience features that can disrupt some of Browser Bubble's features. If these services are running, then Browser Bubble may not work as intended.


License

A valid license is required to use Browser Bubble. A single license is good for use on one system at a time. The same license cannot be used on another system concurrently. Additionally, a Browser Bubble license does not support Windows Server. If you have a unique setup that requires use on Windows Server with multiple concurrent users, please contact us so we can provide a quote for an enterprise license. This includes Terminal Service or any type of thin-client setup. We reserve the right to audit license usage from time-to-time and if violations are found, the license will be revoked.

A Browser Bubble license is good for 1 year after which it will expire unless renewed. There is currently a 50% renewal discount if the license is renewed before it expires (does not apply to trial or beta licenses). When renewed, a new license key will be issued with an expiration date 1 year later than your previous expiration date. Renewing early will not cause lost time. For example, if your license expires 31 Dec 2021 but you renew in Nov 2021, your new expiration date is 31 Dec 2022. Once your license expires however, a new license will be full price.

You can purchase a Browser Bubble license here.

As with all of our software, we provide a free 7-day trial so you can test Browser Bubble. The trial is only slightly limited in that only two Bubble profiles can be created.


Changelog

v1.2021.250.2358 (07 Sep 2021)

  • Initial public release.