Slashdot Mirror
Safari 4's Messy Trail
Signum Ignitum writes "Safari 4 comes with a slew of cool new features, but extensive data generation combined with poor cleanup make for a data trail that's a privacy nightmare. Hidden files with screenshots of your history, files that point back to Web pages you've visited and cleared from your history, and thousands of XML files that track the changes in the pages in your Top Sites can add up to gigabytes of information you didn't know was kept about you." Some of Safari's bloat is kept in quite obscure locations; it takes a fairly knowledgeable user to find it and clean it up. You can avoid some of the worst of it by disabling Top Sites.
(frosty piss)
I for one like it because it is so innovative and it fits in well with my hip, young lifestyle.
There is a "Empty Cache" button under the "Safari" menu.
Before "Empty Cache"
ahze:/private/var/folders/zz/zzzivhrRnAmviuee++31gU+-Ev6/-Caches-/com.apple.Safari ahze$ du -sh
129M .
After "Empty Cache"
ahze:/private/var/folders/zz/zzzivhrRnAmviuee++31gU+-Ev6/-Caches-/com.apple.Safari ahze$ du -sh
32K .
Windows temp (/username/appdata/local/temp) which if not cleaned can hold every single unzipped file/torrent/etc since you installed the operating system. Just cleaned up a computer at a friend's house that was nearing 200 gigs in temp from mostly anime porn avi he downloaded and unzipped. I showed his gf some of the stuff thinking it was funny and was told to leave the house, he was not very happy either. Damn kids, lol.
An Education is the Font of All Liberty
The big value-proposition of the Mac has been that it is easy for the non-geeky user to use. Unfortunately, things like these make those very users vulnerable. Without exposing easy ways to flush potentially sensitive and private information, it is the same users Apple attempts to serve that will be exposed. And, this will probably be the default browser for most new systems, so unless this is patched, expect the problem to proliferate...
Keep in mind this is a beta, folks; if you're using it, you're presumably volunteering to help inform Apple about stuff like this. So in addition to letting everyone else know safari is doing this, it might be a good idea to let Apple know that it is unacceptable in a web browser. Presumably the company released the beta in order to solicit just this kind of information from its users; hopefully enough concern from users will lead them to take these "features" out of the final release candidate.
Hidden files with screenshots of your history
i want that. it usually takes me days to find that-hot-pr0n-chick(tm)-from-5-weeks-ago. with mozilla that is. posting descriptions to some, uhm, 'related forums' is embarassing. now i'll have pictures to go with. much easier.
This is really easy to fix. Always the first thing I install when I get a new Mac...
Caveat Utilitor
Safari can copy things all over the place for all I care. What's important is whether the privacy settings (like days to save history) are followed or not.
Also, isn't Safari 4 still in beta?
The real scary part of this for me is not the government, more on that in a sec, but your girlfriend/boyfriend/housemate. Anyone who feels like he/she wants to do some snooping now has a treasure chest of stuff to take out of context.
I hope no one here is naive enough to use the "if you have nothing to hide..." line.
Getting back to the government, most cases are not high profile law&order style procedural deals. I could easily see local lawyers taking porn sites as evidence you killed her, technology sites as evidence you were researching bombs, map sites that you were researching crimes, and I can see local judges allowing it, and local jury's believing it.
Of course they could get most of this from ISP logs, but that would be just that much harder to get, and wouldn't come with screen shots.
They just added these "features" to appeal to IE users.
You just need to get used to using it and it's a lot better than firefox or IE.
you will find some interesting things in there too...
Politics is Treachery, Religion is Brainwashing
It's been a while since anything made me laugh in /. :)
The filesystem is the package manager
This is a bit sketchy, I will agree. However, it does appear like you can remove most of this. In the menu bar, click "Safari > Reset Safari." Make sure that reset top sites and "Remove all webpage preview images" is selected.
concrete5: a cms made for marketing, but strong enough for geeks.
Safari has had full text history search since 3.0, Chrome has had since 1.0, firefox is going to have it.
They all do this by committing the absolute evil of "storing what you visited"
How did people think history worked before? magic pixie dust?
And just like in the past if you really care that much about your privacy you just need to use private browsing -- a feature Safari has had since 2.0 -- well before anyone else.
Of course Safari is made by Apple therefore it must be evil, but then WebKit is written by spple and embedded in chrome, so i guess that makes chrome evil too?
Remember those famous Apple "1984" advertisements where they're the young, free person breaking out of the crushing tyranny of Big Brother?
You are welcome on my lawn.
Use "Private Browsing" mode and this junk won't get in your history in the first place for you to need to delete it. The end. Meanwhile, fulltext searching of your history is hella convenient.
Here's why I use and love Safari 4 on OS X. And yes, I am a huge geek who hacks code for a living.
For me, Safari provides the best web experience. For you, Firefox 3 is the sweet spot. Why can't you just accept that people have differing priorities and requirements, instead of smugly deriding others for using a "miserable little browser"? If you want to hate on a browser, hate on IE. At least there's demonstrable evidence of how IE has damaged the web. Us Safari users are doing just fine.
Fretting about Safari 4 privacy issues seems a bit pointless because if someone can see all that data they can see anything on your Mac.
If your Mac -- or any other PC -- is available to others, well... that's what a password is for.
-- Slashdot: When Public Access TV Says "No"
Wow. I just saved 650+ meg on my Macbook nano. Definitely disabled Top Sites on my netbook.
Everybody on here needs to grow up. You're whining and crying about your browser keeping a history of your browsing. That's been an accepted feature for over a decade. Only now, you've got a porn mode so it doesn't keep a history. That's new. Why are you wanking fools whining about a browser cache now? Are you seriously crying that a file on your computer might have a screenshot of where you've been on the web? Really? I've got a hint for you: NOBODY CARES ABOUT YOUR DONKEY PORN.
Don't bother responding, I've already answered your objections:
"Oh, but Geekboy, I live in a totalitarian regime, and I'm a freedom activist! They monitor everything I do!" Your browser history is the absolute last place the KGB is gonna look for information. They'll talk to your neighbors, your boss, your parents, and probably drag you in for interrogation before they even consider looking in your history.
"Oh, but Geekboy, I just love looking at little kids! It's not sexual at all, it just makes me happy!" Do like pedophiles have done since the middle ages: become a priest. Get it off the internet, those parents' groups and TV shows are really annoying. Also, same thing as in the KGB. Even if they don't catch you in an actual sting, they'll grab your stacks of CDs and piles of imported manga way before they give a rats ass about your browser.
Now mod me down, and prove you're all pathologically paranoid morons.
Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
First of all this is a beta product that isn't shipping on anything and while it's trendy to think beta software is fully functional (Thanks Google) with Apple, beta generally means, "really this isn't finished, there's still stuff that's messed up here." (In fact this would apply to most Apple .00 products as well, which is fine since historically .1 or .01 is rolls a few weeks after the initial release.) In other words, stuff like this is to be expected.
Second, Safari has for the longest time provided this very nifty "Private Browsing" which will eliminate all of these issues.
Finally, if you dig in the preferences you can turn a bunch of this stuff off if it bothers you so much. Still feed the fire of Mac hate... whatever.
--- Nothing To See Here ---
Bad! You go OUTSIDE.
The blogger says he believes resetting Safari doesn't remove the information (and then moans he'll have to stop using Safari because of this). WRONG. /.?
Why does such unsubstantiated cr@p get onto
find $HOME -mtime 0
Check for anything new that you don't want or expect. Then wipe them with the srm command.
If you are good at pattern matching, and after some experience of what files you normally find to remove this way, add them to your find with a -regex or -iregex. Once your sure you don't get any false positives (any files you would rather keep), add a -print0, pipe it through xargs with the -0 option, and send it to srm for wiping.
Example:
find $HOME -type f -iregex ".*safari.*" -print0 | xargs -0 srm -v -m -f
Good to check your Flash & Quicktime plugin cache areas similarly, too.
It's not extensible (at least not officially)
Even so, there a loads of extensions to Safari out there, which integrate with the browser completely naturally. I have two addons running myself and they even appear in the Preferences dialog of Safari, like they are normal features.
Pretty good is actually pretty bad.
After a few weeks (months?) of Safari 4 Beta (preceded by years of Safari usage) I decided to give Shiretoko (an Intel optimized Mac Firefox build) a try. As it turns out, it's way faster than the official Mac Firefox build, and Safari, and it just kind of kicks way more ass in general. Get it here:
http://www.latko.org/downloads/
Guy doesn't know what he is talking about. If you do some small investigation, you'll find that these are the previews for coverflow History. Deleting the history items deletes the previews. Also, using the 'Privacy' function in Safari does not store these previews. Thus snooping relatives won't find the porn you've been browsing all day for.
I can't figure out why everyone is up in arms over this. It's BETA software!!
I have a (new) Mac with Safari 4.0 Beta installed on it. Simply clearing the cache does NOT clear out all the crap that it's supposed to, I followed the article's suggestions. I cleared up ~200MB.
Leave feedback on the product telling them to clean up their act before the final release. They listen when there is ENOUGH of the same suggestions.
I like this outlook. Also, I love Safari's RSS reader; that's what keeps me from Chrome.
The AC above is right.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
The whole commotion is that temporary files are stored under per user only readable subdirs of /var instead of under ~/Library? I don't know about you but my home dir is mounted from a server. That seems a whole lot more secure (and efficient) to put that in a place more or less guaranteed to be local and not exported. It seems to me some people just have to learn about another place temporary data can appear. Also where it is makes it really easy to just rm -rf all of it when they want to.
Call me a crotchity old unix head but I'm very happy that Apple is using /var for cache information and not /Users/username/Library/Caches.... in fact i think that whole directory should point to /var.
I'd love to be able to partition my /var stuff off like I do in Linux. So if Apple is moving in this direction and keeps it up, good.
There are the first Chromium snapshots available.
Webkit as we love it. Rough but usable. No Plugins so far, that also means no Flash (I'll count that as a feature 90% of the time). Speed - don't know, sites are just there. But here comes the boomer: it's the first (modern) browser that doesn't eat my frakking RAM like there's no tomorrow and makes the whole machine feel sluggish after two hours of extensive web browsing.
If anyone is interested, i've filed a bug some time ago about this and it has been duplicated to #6594811
so why were u on necrohomicidexothermia.com?
Two issues with Safari 4:
Once Chrome is released for Mac it'll be my default browser.
GENERATION 25: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
For me, IE provides the best web experience. For you, Safari is the sweet spot. Why can't you just accept that people have differing priorities and requirements, instead of smugly deriding others for using a "web-damaging" browser? If you want to hate on a browser, hate on Opera. At least there's demonstrable evidence of how buying Opera is like buying bottled water when your house came with a tap. Us IE users are doing just fine.
// MD_Update(&m,buf,j);
and up
Hi.
Where is this box? I'm fairly active, but I don't have it/can't find it.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
The new post-ChuckNorris meme?
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Your issue with Chrome is that it isn't available for Mac? I thought this was a privacy concern? Chrome should be a dirty word to any privacy advocate/pornography watcher.
Before you mod me funny, think, perhaps I was insightfully funny?
Where is this box? I'm fairly active, but I don't have it/can't find it.
/. homepage, but I guess if you can't see the box you'll just have to use adblock (or /etc/hosts) like I used to before.
I guess it might depend on your karma. It appears on the top-right of the
No, that one has been around longer than /.
Semi-automatic amateur armchair Australian philosopher; conjecture ready at any moment...
Apparantly you miss the point.
The lack of control over your browsing.
Ever since Safari started using Google's "frad site warning" thingy, now all my webbing goes to them for indexing and whatever...
fuck Apple they are with NSA now, EFI too.
Letting a Java script flaw go unpatched for 6 months and still going.
Fusck Apple totally, they sold out the consumers privacy and control
It is totally unacceptable. This kind of bloated crap installed on our computers, keeping track of what we do, storing trails that use Gigabytes of space and putting those files in obscure places that it takes an expert to find. You would think Microsoft would have learned by now, yet they continue to ...... oh, wait, this is Apple we're talking about? Oh, then it ok then, because we all know that APple makes no mistakes.