Any Add-on to shred cookies without closing Firefox?

I'm trying to find an add-on for Firefox (or for Internet Explorer) that could SECURELY SHRED cookies and browsing history without closing the browser? All helpful add-ons simply remove/delete cookies but not shredding them.

 

I don't know about securely but Self Destructing Cookies is one extension that would work.

 

@ zmechys

Hi, you might not need one, as you can achieve that from within FF

 

I'm looking for ANY ADD-ON TO SHRED COOKIES AND HISTORY WITHOUT CLOSING FIREFOX, or any browser.

I'm not trying to find an add-on to remove cookies and history.
I want to be able to use something like, Advanced Overwrite (3 times), or Empty cookies/history without a trace with Privazer, etc...

When you delete cookies/history, they don't go to recycle bin, that you could shred with Privazer.

For some reason, I cannot find any add-on or any program that could SECURELY SHRED cookies and browsing history without closing the browser.

 

@ zmechys

Sorry i misread your post

Be nice if we could find something though

 

I've asked Privazer, but they immediately said, "NO".

 

For Firefox, the reason is very simple. Cookies and history are not stored inside a normal file, but inside a Sqlite database. And shredding data stored inside a database is not as simple as shredding data inside a normal file. Also, while Firefox is running, it has a lock on the database, so no other tool is able to access it.

 

If so, let me ask you the following question.

If I go to "Options" - "Privacy" - "Show cookies" - and delete all cookies by clicking on "Remove all cookies", what happens to cookies?
They are not visible any more in the "Show cookies" window.
Also, I need to sign in again.

What happens if I go to "History" - "Clear recent History" - and click on "Clear Now"?
I cannot see my browsing history anymore.

 

From what Nebulus describes, if Firefox locks the database then it's not accessible to other applications on your computer. That wouldn't necessarily prevent Firefox itself from accessing it though. So when you go to removal all cookies, it's Firefox removing cookies from a database its currently managing. Similar to how you can't rename an open word document by right clicking and renaming it. You would have to either save it as something new or do it from within Microsoft word. So cookie management via a Firefox add-on might be the only way to go about doing this other then the web browser itself.

 

This is correct. Firefox has (obviously) full access to the databases, otherwise it wouldn't be able to read/write to them. But Firefox is just giving a command to delete cookies or history, and the Sqlite engine is actually deleting the data. So if you would want a secure erase, it would need to be implemented into Sqlite (which is not likely to happen, because this is not its purpose).

 

At this moment, I don't care about Sqlite file. Why?
It's a "dead" log sheet, that WILL be safely erased with Privazer or any other respected cleaner immediately when my Internet session is over.

Let's use an analogy.

Sqlite file - it's like a "customer log sheet" on the cruise-vessel, "Firefox".
Clerk/computer entered the name of the customer Cookie 1, Cookie 2, etc...
It's only a log that will be securely destroyed in due time.

It's not a noisy, nosy, obnoxious, always-chatting, etc... customer Cookie 1, or Cookie 2 constantly talking on the cell-phone to someone somewhere, reporting everything that's happening on the vessel, Firefox.

I'd like to safely remove the cell-phones (cookies) of those chatty customers, securely erase all the data from those cell-phones (cookies), not just simply archive them with all the phone information left intact.

Again, cookies and browsing history is very easily removed using various Add-ons. I just want them to be securely shredded. That's it.

 

Probably won't satisfy you, but you can install SQLite Manager :: Add-ons for Firefox

With it you can open the cookies.sqlite database and Compact the database which purges deleted records. You could do this with any of the sqlite databases Firefox uses.

 

Please, reread my answer or try to understand how a database engine works. Sqlite file is not just a file, it's holding the entire database structure. If you remove it completely by shredding it, all the information inside will disappear. But it is not possible to securely erase only a PART of the information, and certainly not from outside Firefox.

 

Nebulus, thank you for your response.

Just for for entertainment purposes only, let's do very simple steps for me to understand about cookies.

When I go to Options - Show cookies, I see the following picture:


I click on Remove All Cookies, and I get the following picture:


What happened to my cookies? Where are those deleted cookies? Where are they stored right now?


Why do I need to log-in again in order to post this comment?

Next, I decided to Clear Recent History:



Now, I cannot go back to my previous web-page.
Why?
Where are the web-sites I've just visited?

 

OK, I'll try to go into more details, maybe I can manage to make myself understood

Let's consider cookies. When a site wants to add a cookie, Firefox will issue a command to the Sqlite database engine (let's call that command "ADD COOKIE x", because I don't want to go into the SQL internals). That command will add the "COOKIE x" to a database. Note that this is not the same as simply adding the cookie to the file, the process is a bit more complex.
You continue to navigate, and more "ADD COOKIE" commands will be issued, and more cookies will be stored. Now, you decide to delete one of the cookies. When you press the corresponding button, Firefox will issue a command like "DELETE COOKIE x", and the database engine will interpret it and remove the cookie from the storage. When you press the "Remove all cookies" button, Firefox will iterate through all cookies and remove them one by one using "DELETE COOKIE x" commands.

The problem here is that "ADD COOKIE" and "REMOVE COOKIE" commands are not under Firefox's control, they are Sqlite database engine commands. If Sqlite engine supports just those two commands (it's an over-simplification of the real case), you will not be able, for instance to issue an "EDIT COOKIE x" command, no matter how much you would like to edit a cookie!

Here comes your problem: Firefox can tell the database engine to remove a cookie, but because the engine doesn't know how to secure-erase it (it was not built for this purpose), it will delete it the way it knows. In order to achieve what you want, you would need to modify the database engine I used in the example above by adding a "SHRED COOKIE x" command. Note that this is not a change in Firefox, but in one of the libraries (sqlite) that Firefox builds on. This is the reason why creating an extension that secure erases only some cookies is nearly impossible.

 

I've really learned something. Thank you Nebulus.

Who/what controls Sqlite engine? Who/what writes the commands for it?
Could the cookies be removed to Recycle Bin? Where are the deleted cookies going in the memory and why?
Could Sqlite use the command "Update" and add something to a cookie in order to neutralize it and later shred it later with Privazer?

 

I'm not familiar with Sqlite, but if it does it's job properly then they are gone and not stored anywhere. Problem with hard drives is that when something is deleted it is gone in the Operating System but may still physically exist on the hard drive's platter until overwritten with other data, that's what secure removal/shredding is for.

Because your login information is saved in the cookie. Just because companies often abuse cookies for tracking purposes doesn't mean cookies are inherently evil.

You can't go back to your previous web-page because the browser doesn't know the previous web-page because you just deleted your browsing history.

 

Let's start learning about Firefox cookies.
I've started Firefox without Sandboxie.
(Temporarily, no attention to SQLite Manager - a plugin for Firefox)

Firefox shows that I have three cookies:



Next, I went to APPDATA\Mozilla\Firefox\Profiles, and found the file, cookies.sqlite.
"Cookies: A cookie is a bit of information stored on your computer by a website you’ve visited. Usually this is something like your site preferences or login status. Cookies are all stored in the cookies.sqlite file."
http://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data



Of course, I could not delete it; therefore, I opened it , "Selected All", and deleted everything.



Next, I went to Firefox Options - Show cookies, but all three cookies were there.

My cookies.sqlite file shows 0 KB, but the cookies are still visible.

Where are they hiding?

Thirteen minutes later, I checked the cookies.sqlite file. It still showed 0 KB.



At this moment, cookies.sqlite does not have any info, but Firefox shows cookies.
Where are those cookies hidden?

P.S. For the time being, I'm going to use Firefox with Sandboxie.
It means that any deleted cookies or browsing history won't leave the Sandboxie folder, and will be deleted with Eraser when I close Sandboxie.
No need to invent anything, just use Sandboxie.

 

Question:

Is there a reason some members choose *not* to run Firefox Portable out of a TrueCrypt Container? No need to worry about 'shredding'. There is zero slow-down on my machines. Just curious.

PD

 

Nebulus,

Could you, please, clarify a few things about Sqlite Cookie Database?

If I am correct, SQLite creates Temporary Databases:
http://www.sqlite.org/inmemorydb.html

"When the name of the database file handed to sqlite3_open() or to ATTACH is an empty string, then a new temporary file is created to hold the database.
A different temporary file is created each time, so that just like as with the special ":memory:" string, two database connections to temporary databases each have their own private database. Temporary databases are automatically deleted when the connection that created them. closes."

We all know what it means, "a file is automatically deleted" and waiting to be overwritten.

Next, what is the deal with "cookies.sqlite-wal" and "cookies.sqlite-shm" files?

 

Yes, some of us are not paranoid enough

No, Sqlite CAN create temporary databases, or even in-memory databases, but Firefox uses normal, on-disk databases.
As for .sqlite-wal and .sqlite-shm, they are log files used by Sqlite, andy yes, they might contain sensitive information, and yes, they are automatically deleted, with all the inconveniences related to this action. To avoid any privacy problems, I'm afraid that the only viable way is to use PaulyDefran's idea to encrypt at least the Firefox profiles folder...

 

Or use Firefox with Sandboxie!

P.S. I've never thought that serious computer specialists could be really funny.

 

zmechys, I don't feel the need to encrypt the Firefox profile folder, but you seemed pretty concerned about privacy issues, that's why I suggested you to follow PaulyDefran's idea

 

No, I'm not "pretty concerned" about privacy issues.
For the "pretty concerned", we have a different thread called,
"How to achieve true online anonymity"
https://www.wilderssecurity.com/showthread.php?t=343615

I'm just asking questions while trying to learn something.
Your answers provided a good "guiding light" for me.
Thank you.

 

I use the Firefox add-on SQLite Manager 0.7.7 which lists each cookie. When added to Firefox, just select from Firefox main menu bar: Tools>SQLite Manager to bring up the SQLite Manger control window. Manimize it, and then select moz_cookies to Browse for them.

-- Tom