Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari 4's Messy Trail

Posted by kdawson on from the if-disk-space-were-infinite-and-free dept.

Signum Ignitum writes "Safari 4 comes with a slew of cool new features, but extensive data generation combined with poor cleanup make for a data trail that's a privacy nightmare. Hidden files with screenshots of your history, files that point back to Web pages you've visited and cleared from your history, and thousands of XML files that track the changes in the pages in your Top Sites can add up to gigabytes of information you didn't know was kept about you." Some of Safari's bloat is kept in quite obscure locations; it takes a fairly knowledgeable user to find it and clean it up. You can avoid some of the worst of it by disabling Top Sites.

4 of 200 comments (clear)

  1. Re:Safari does clean up after itself. by mallumax · · Score: 4, Informative

    "Empty cache", doesn't delete everything.
    before: 737M -Caches-
    after: 571M -Caches-
    This is seriously fucked up.

    --
    TechSutra
  2. Re:Oh expoitable by node+3 · · Score: 4, Informative

    The real scary part of this for me is not the government, more on that in a sec, but your girlfriend/boyfriend/housemate. Anyone who feels like he/she wants to do some snooping now has a treasure chest of stuff to take out of context.

    They've always had this. It's called "History" and "Temporary Internet Files". The only difference here is Safari has added screenshots.

    If you're that worried, you can enter Private Browsing mode, you can selectively clear out parts of your history (and cache and screenshots), entirely clear out all of the above (including cookies), or just turn the feature off in the first place.

  3. Re:Safari does clean up after itself. by Ilgaz · · Score: 4, Informative

    /var/folders is generally folder for storing possibly sensitive data of ANY application. I don't know the exact reason of why some files are cached there and some in ordinary caches folder but I mean it is NOT just Safari cache. There could be caches of anything, any program.

    It could be decided like ''If a program binary is signed and it connects to net'' by core OS itself. Again, it is just a very rough guess.

    Did you really expect 700+ MB of Cache from a browser? It indeed cleaned its Cache and didn't touch other applications files. /var/folders is just randomized (sandboxed in future?) temp dir. Nothing exclusive to Safari or any other program.

  4. Re:beta software by alanQuatermain · · Score: 4, Informative

    Would anyone care to look at the permissions on the -Caches- folder in question? I know, it'll make it harder to spout hyperbole about security, but it could be instructional I think:

    MacBook-Pro:1tUM+kJcGEqwqSH2bBdLR++++TI jim$ pwd
    /var/folders/1t/1tUM+kJcGEqwqSH2bBdLR++++TI
    MacBook-Pro:1tUM+kJcGEqwqSH2bBdLR++++TI jim$ ls -l
    total 0
    drwx------ 92 jim staff 3128 12 May 20:53 -Caches-
    drwx------ 13 jim staff 442 23 May 20:12 -Tmp-

    As you can see, the permissions on the -Caches- folder mean it's only readable by the owner, namely the current user. So it has the same protections as something inside the user's home folder. Also, by benefit of being in /var/folders/xxxx/-Caches- the operating system can clean this out more or less upon a whim-- this is, after all, the purpose of temporary folders and caches.