Chrome Private Mode Not Quite Private

wiplash writes "Google Chrome appears to store at least some information related to, and including, the sites that you have visited when browsing in Incognito mode. Lewis Thompson outlines a set of steps you can follow to confirm whether you are affected. He has apparently reported this to Google, but no response has yet been received."

Addicted.

Google is addicted to your information, and will do whatever they can to get more.

They cannot help themselves.

Resist.

Re:Addicted.

[sopssa]

Yes, it's the basis of their business model. They need all that information to serve their advertisers better. This means they're also constantly looking for new ways to get even more and more information. Even if some of their services currently aren't related to advertising (like their free DNS service), there's no guarantee that they cannot be in the future. They're awfully easy to integrate later when they have grown, and with publicly traded companies you never know what is going to happen in the future. Especially when they're looking for new ways to generate advertising revenue.

Notice that all of their services are related to obtaining information, usage statistics, datamining and serving advertisement. YouTube too is a great resource for advertisers, as soon as online video matures a little bit more (though they're already working on it).

Not that it's a bad business model - but if you value your privacy, you might want to consider forgetting freeloading for a moment and buying software. You know, the business model that is based on customers paying for the software instead of selling their soul for advertisers. Google is the new adware business, they have just hidden it better.

Re:Addicted.

Do you believe every piece of FUD that comes out of sopssa's mouth? By default yes, everything typed into the address bar is sent to google which is how their autocomplete for searches works. If you just don't want it sent to google, change your default search provider. if you don't want it sent anywhere simply uncheck 'use a suggestion service to help complete searches and URLs typed in the address bar' in the Under the Hood tab of Options.

Re:Addicted.

[WrongSizeGlass]

Whoever moderated this "insightful" may want to read the article first. Do you really think that it's Google's nefarious plan to record the magnification settings of the web pages that you visit?

It's Google's plan to record anything and everything about you that it can, which makes the difference between Google and Facebook simply a matter of spelling.

Re:Addicted.

[kdemetter]

"We are the Google , you will indexed " ?

Re:Addicted.

[16384]

And stop using firefox too

Re:Addicted.

[ObsessiveMathsFreak]

Basically, Google is the insatiable voyeur, we are all the neighbourhood children, and Chrome is the delicious sweety used to entice us into giving the smiling man what he really wants.

Re:Addicted.

[Mordok-DestroyerOfWo]

Your informational distinction will be added to our own.

Re:Addicted.

[steelfood]

I'm not too worried about my privacy when it comes to corporations. Partly, it's because they already have a lot of data on me. Partly, it's because if they abuse it, I have at least a possible method of recourse.

What I am worried about is the government getting their hands on such data. Now that's a danger that far exceeds what a corporation can do. And, you have no method of recourse against the government.

Look at it this way: The worst a corporation could do is deny me a loan, because I buy a lot of junk online, and that means (by whatever twisted logic corporations employ) I'd be more likely to default on it.

The worst a government can do is pull me over for a traffic violation, and throw me into prison without a trial because the routine check brought up the fact that I frequent sites that advocate extreme or even locally unpopular views.

Which all leads to why I try to keep as anonymous as practically possible. Corporations don't have adequate data retention (or deletion) policy for my needs. And they cave easily to the government. Google is only slightly better in that they explicitly state how long they'll keep the data. But until every corporation adopts far more restrictive data retention policies whether by government regulation or by public outcry, I'm going to keep data on me from leaking out as much as possible.

And before anybody points out the obvious contradiction above, I'm just going to say that entities can work for you sometimes, and against you sometimes, neither of which precludes them from doing the complete opposite at the same time.

Re:Addicted.

[Snarf+You]

Is there any way to stop Chrome sending the info of the URLs you type into the address bar back to google, yet?

Yes - use SRWare Iron. It's a fork of Chrome, without all the phone-home stuff.

Re:Addicted.

[AnotherUsername]

I was going to reply with comments related to the Constitution(specifically the Bill of Rights), how the court system works, the various court cases the Supreme Court has ruled on regarding protests and freedom of speech, and other facets of how the law protects you from government abuse related to freedom of speech and protest/demonstrations, but then I remembered that this is Slashdot, and the government is always bad, and corporations are always better than the government.

I sometimes forget that I am in the minority around here when it comes to trust of the government vs. trust of corporations(I trust the government more than I trust corporations, though I have a healthy wish for privacy). I am one of those that thinks Orwell is overrated(I like the stories, but I don't see them happening), with Huxley's Brave New World being my dystopian present/future to be feared.

Re:Addicted.

[TheLink]

What I noticed recently was when I clicked on the final "clear browser data" button, Google Chrome would make a http request or two back to Google. Not sure why this happen. I don't have "send usage statistics and crash reports" enabled, but I do have show suggestions, use suggestion service dns prefetching, phishing protection enabled.

Anyone else managed to reproduce this on their Google Chrome browser?

Re:Addicted.

[sopssa]

Of course you don't know it for sure, but if they did that they would be risking their reputation too. It would be stupid to risk their main business just to get that extra one dollar. In the long run it would cost them a lot more. At most it would be an opt-in like thing.

I'm not saying all software you buy is like that, but since the base monetarization method is completely different, theres a much larger change for that. All of that is of course hidden in EULA or privacy policy.

Re:Addicted.

[Lunix+Nutcase]

It's funny also in light of the fact that many of them claim Jefferson as a hero and yet Jefferson was very much anti-corporation.

Re:Addicted.

[T-Bone-T]

I'm not following you. Why can't they reach the info on your PC that is put there by their program? Your computer is free storage for them. It may not be reachable for most of the time but Chrome will tell them when it is available.

Re:Addicted.

[geekoid]

" Partly, it's because if they abuse it, I have at least a possible method of recourse."
then
"Now that's a danger that far exceeds what a corporation can do. And, you have no method of recourse against the government."

WOW. That is completely backwards.

You have a great many avenues of recourse against the government then you have against any corporation.

Why do people even think that?

Re:Addicted.

[jason.sweet]

How, exactly, is "buying software" supposed to stop "customers selling their souls"?

You're not exactly selling your soul. You are only licensing it. Hope your DRM is up to date.

Most of these companies also have very strict privacy policies where they state that they wont sell or give your information to a third party or for advertising purposes.

The promise not to sell is usually followed by something like, "In order to help provide our services, we occasionally provide information to other companies that work on our behalf." Money and information changes hands, so the distinction is dubious at best.

Re:Addicted.

[cc1984_]

I was going to reply with comments related to the Constitution(specifically the Bill of Rights), how the court system works, the various court cases the Supreme Court has ruled on regarding protests and freedom of speech, and other facets of how the law protects you from government abuse related to freedom of speech and protest/demonstrations, but then I remembered that this is Slashdot, and the government is always bad, and corporations are always better than the government.

Sorry, I must have missed the bit where the GP said he was a US citizen.

Re:Addicted.

[obarel]

How, exactly, is "buying software" supposed to stop "customers selling their souls"?

You're not exactly selling your soul. You are only licensing it. Hope your DRM is up to date.

The problem is that nothing is stopping Google from copying your information between devices, unlike DRM. To be honest, I'd love to have my details protected by some DRM - every time a company makes any use of it, they have to contact my server first and ask for a one-time permission. Doesn't seem too likely, unfortunately.

Re:Addicted.

[jabithew]

Quite. Here in the UK the convention is that no Parliament may be bound by its predecessors, with the actual effect that we can change our "constitution" with a simple majority vote in the Commons. Considering the power of the party whips, and the tendency to one-party rule, we do effectively have an elected dictator.

Less so this time round, with the coalition, but even they have shown they can change the constitution with a simple majority vote and are willing to do so without an explicit mandate.

Re:Addicted.

[JWSmythe]

    You know, that's embedded into most of the browsers.

    Firefox was a little more polite about it, but it's still pretty deep in there. I was setting up an embedded machine with Firefox (local web browsing, no Internet connection). I was really surprised how many things were in there on a clean install of it. It's not just url completion. There's "safe browsing", SSL cert verification, updates.. Well, just do an about:config and search for http:/// and then https://./ There are 29 http URL's, and 22 https URL's. That may not include remote resources that may be embedded into the code. I didn't review it to find out, but I did have a packet sniffer running while I was working to make sure there wasn't anything extra going out.

    This wasn't looked at because my tinfoil hat was on too tight. These are for offline embedded machines, but they may (just may) be up on some sort of Internet connection occasionally, and that may be ungodly slow. I may not have the luxury of a few extra bytes going over the wire, if that's all I have to work with. (yes, we're talking very slow connections). And yes, it's a Linux platform, so you don't have everything and then some creating unwanted network traffic. :)

Re:Addicted.

[16384]

BTW, I wasn't trying to be funny. From http://www.google.com/intl/en_us/privacy_browsing.html

[...]Each time Firefox checks in with the third party provider to download a new blacklist, Non-Personal Information and Potentially Personal Information, such as the information that the browser sends every time you visit a website as well as the version number of the blacklist on your system, is sent to the third party provider. In order to safeguard your privacy, Firefox will not transmit the complete URL of web pages that you visit to anyone. While it is possible that a third party service provider may determine the actual URL from the hashed URL sent, [...]

Re:Addicted.

[HBoar]

OK, I'm from one of your colonies, so I'm not 100% up to speed with the UK's system, but can't the Queen dissolve the government in extreme circumstances (at least in theory)? I'm pretty sure she can actually dissolve our government, which IMO is quite a sensible precaution to have in place....

Re:Addicted.

[LordLimecat]

Um, yes, and AFAIK you have been able since almost the beginning. Wrench-->options-->under the hood --> "Use suggestion service...".

Just for the sake of putting this stupid argument to rest, I tested it with wireshark, and yes, unchecking that box immediately causes chrome to cease sending URLs to google. In fact, with all the boxes unchecked, it appears that the only traffic sent is directly to the websites that you are fetching.

I like how your "yet" implies that that hasnt been there from practically the start, though, or that you cant just use chromium if you are really that worried about it.... really some quality FUD there.

Re:Addicted.

[LordLimecat]

So, maybe Im just being an apologist here...
But while I did verify this, and can see some disk writes in ProcMon to a tmp file (which seems to be deleted on close), is it asking too much to have a little more info before running off and declaring it to be some additional nefarious way to collect info? Any packet sniffing, or even seeing if it can be replicated in chromium or Iron? Any effort to see ANYTHING AT ALL of whats going on, or whether that data is stored anywhere except the "magnify websites to this level" database?

I mean come on, I know Google is the new "cool to hate" company, but a 1 paragraph blog entry with NO technical details whatsoever makes REALLY poor outrage material.

Re:Addicted.

[HBoar]

That's the point -- the Queen can't just step in because she doesn't like the current government, it's only if the shit really hits the fan, as a last resort. For example, if an elected government tried to turn itself into a perpetual dictatorship without the support of the public, she could go in and kick some ass.

Re:Addicted.

[Jugalator]

WTF. This is obviously a browser bug. What on Earth does Google have to gain by letting the browser recall your zoom setting on the client-side? Stop trolling, please!

Google hasn't replied, but I assume that's because the stupid article author didn't even file a bug against this. I'm a complete nobody in Chrome development, but even I has done this in 2 minutes, an equivalent time period of composing a well formulated e-mail and sending it to Google.

Barebacking the internet

[qwerty8ytrewq]

If only we could observe something, without effecting it. Oh well.....

Cool

[DaleCooper82]

My girlfriend is using Facebook in Incognito mode...

Re:WHAT

[Minwee]

How else do you think Chrome gets to be so fast? The Chocolate Factory knows your entire browsing history so it just pre-loads your favourite pages before you even realize that you want them. Why shouldn't it keep track of your favourite kinds of porn, offshore gambling web sites, and that hotmail.com email address that you thought you were keeping to yourself?

Didn't work for me

[TimHunter]

using 4.1.249.1064 on Win7.

Re:Didn't work for me

[k_187]

Yeah, seems this only affects the beta versions from their Dev channel.

Re:Didn't work for me

Yeah, seems this only affects the beta versions from their Dev channel.

Man that's evil! Putting bugs in their betas so they can spy on us...

Look at Firefox as well

Try running a strings against places.sqlite in Firefox as well after all the personal history has been cleared - I sometimes see URLs left in there.

this doesn't happen to me

[yincrash]

tried it in 5.0.375.38 beta. my hypothesis is that he had other incognito windows open as well (probably with porn in them) that kept the incognito session going while he was open and closing the elephants.com window.

all incognito windows share the same session

Re:this doesn't happen to me

[SanityInAnarchy]

I just reproduced it in the exact same beta on Ubuntu. Steps are:

1. Open new Incognito window
2. Visit brand-new website
3. Change zoom level dramatically
4. Close Incognito window (all of them)
5. Visit website in a non-Incognito window

And people, please. What happened to "never ascribe to malice"? Chromium is an open-source project -- if you have to, fix it yourself, I have little doubt that patch would make it into the official Google Chrome.

Persists across restarts, too

[emag]

So, since the example in TFA didn't restart Chrome between incognito windows, I decided to see what happened when I followed the steps with "4.5 Exit chrome completely, then restart", and can confirm that even when Chrome fully exits and is restarted, it remembers the zoom level used in a URL only ever visited in an incognito window.

Re:Persists across restarts, too

[thePowerOfGrayskull]

'course, it *could* be storing a hash (salted or not) of the domain name and not the domain name itself. The test suggested in TFA is pretty poor, and doesn't prove anything about whether the actual domain name is kept.

Reproduced it here just fine

[droopus]

Exactly as reported.

I'm using 5.0.375.29 beta on an Air running 10.6.3 over wifi.

Went to cheese.com (the #1 resource for cheese!) and the zoom held.

Additionally, when I opened a new tab in non-incognito mode, the zoom STILL held, so there is definitely some communication between regular and incognito windows.

I'm devastated that my secret cheese browsing is now public.

Not an issue of trust

[Saishuuheiki]

This isn't even an issue of trust. It's not a question of whether Google is stealing information about you, or even privacy. It's an error or a possible bug wherein the mode where the browser is in essentially *no history* mode isn't working 100% w/o history.

If this is true, then it raises issues of quality control, not trust

Re:Not surprised.

[drinkypoo]

There's always Chromium; I run it on Ubuntu. For Windows there's SRWare Iron. I'm not sure which is the preferred build for OSX; perhaps Crossover Chromium. TFA doesn't say whether Chromium is affected. Some comments under TFA state that the effect lasts only until Chrome is restarted, suggesting that the information is stored only in the memory cache.

Re:Not surprised.

This and many other things about privacy concern me. I work at MIT and google and other big companies hang around, and both within academia and industry there are not enough people advocating privacy and information ownership. Trust me, or not, but Big companies lust over personal information.

The bug

[trazan]

Here's the bug in question, filed about 2 weeks ago:
http://code.google.com/p/chromium/issues/detail?id=43107
Seems like someone looked at it, prioritized and classified it (eg pri-2, internals-cookies).
What's the big deal? It's just a bug that needs to get fixed, not a huge conspiracy by Google.

Re:The bug

[EvolutionsPeak]

Look, we're trying to do some rabble rousing here and you are not helping.

Um no

[coolsnowmen]

There are many ways to finger print something that are not reversible. For instance, this is just page viewing preference data about a site you visited. What if it takes a hash of the url and uses that to store settings like current zoom and scroll location. There is almost no way this violates the idea of 'incognito' mode.

Re:Um no

[Rockoon]

You are kidding, right?

So I jump on your computer and browse to red-hot-midget-porn.net and find that the zoom level isnt the default value...

Do I conclude that (A) you don't like red-hot-midget-porn?, or (B) you do like red-hot-midget-porn?

Well in any case, I'm pretty sure that everyone likes red-hot-midget-porn, so maybe this is a bad example.

Re:Um no

[elmodog]

Do I conclude that (A) you don't like red-hot-midget-porn?, or (B) you do like red-hot-midget-porn?

It depends on whether it's zoomed in or out.

Pitchforks down, please, no story here

[TerrenceCoggins]

TFA only mentions zoom levels as being stored -- not any other info from users' porn-mode browsing session, just zoom levels. Chrome recently began saving users' zoom levels (if I'm not mistaken) so that pretty much explains that (while conveniently also accounting for why users of earlier versions may not experiencing this phenomenon as well.) We're all waiting for google to slip up monumentally (or "pull a facebook," if you will,) but unfortunately we'll have to wait another day.

Re:Pitchforks down, please, no story here

[Monty845]

From the google bug tracker: "we (the UI design team) made the choice to purposefully remember incognito zoom levels."

Sounds like the intentionally gutted the security of the incognito mode for the zoom levels... Its one thing if its an oversight, but to do it intentionally reveals a total disregard for the privacy someone using incognito expects.

Re:Pitchforks down, please, no story here

[McDutchie]

You're missing the point. If Chrome records zoom levels for particular sites, each such record is proof by implication that you visited the site. The Incognito mode is supposed to prevent recording of what sites you visit.

Re:Pitchforks down, please, no story here

[jonnythan]

If it remembers zoom levels for particular websites, it must remember the websites themselves. That also means someone can potentially obtain a list of URLs you visited in incognito mode.

That defeats the entire point of incognito mode. It's not supposed to remember anything.

for those that cannot reproduce this...

[Tumbleweed]

Be aware of the version you're using. Chrome v4 *may* not save the zoom level, so it wouldn't show it anyway. I'm on the dev channel, and thus am using the newly-released v6, and it's definitely reproducible.

I submitted this a while ago

[rcamans]

Submitted by rcamans on Friday October 23 2009, @01:21PM
rcamans writes "Visit a bunch of sites in Chrome incognito, and then look at your history in IE 7. Oh My God! A few of the sites you did not want in history are in IE history? How did they get there? A nasty in Windows XP OS. Oh, man...
These sites do not show in Opera history, Safari history, Chrome history, or FIrefox history. So maybe it has to do with IE integration into the Windows OS. Do not trust Chrome incognito until this bug is fixed. If it can be fixed.

Also, IE7 search history shows Chrome incognito search items. Oops

Simple explanation

[jeti]

Chrome is very likely to hold the DOM of visited pages in the cache so that f.e. hitting the back button will quickly render the previous page. That does not necessarily mean that the information gets persisted on the hard drive or is available to other pages. On the other hand it's not unlikely that the information sometimes gets paged out to the hard drive and persists until it gets overwritten.

There always was.

[SanityInAnarchy]

Did you even look in options? Turn off "search suggestions". That's the feature that relies on this information being sent to Google.

Please, please stop spreading Microsoft's FUD.

Re:Not surprised.

[bratgitarre]

Iron works on Linux as well, not just Windows. I run it on Ubuntu 9.10. As I mentioned above, 4.0.275.2 (Developer Build 35171) of Iron is affected by the bug from the article.

That's just a tip of an iceberg

[Artem+S.+Tashkinov]

Run Firefox or Google Chrome for a few days, click "Clear Recent History", select "Forever", exit them.

Now go to a directory where they store profile data and discover SQLite files containing information from all the web sites you've visited (`man strings`).

Both browsers 'forget' to run VACUUM on SQLite databases they are using. However it would be even better to zero fill all the files containing your traces, then delete 'em, then recreate them.

Re:The Phone Company

[Sancho]

The article shows that a per-site setting (page zoom) persists between incognito sessions. That's all. No mention or even speculation that Google is storing that information on their servers.

That said, Incognito was never meant to be private browsing from Google. Your search queries still get send to your search provider (imagine that!) and auto-suggest will still work. What Incognito mode is for is to prevent your wife/brother/sister/boss from seeing the sites you use. This has been discussed to death already.

Its Not about Trust

[hax0r_this]

I think you're missing the GPs point. Although many around here might well hold the beliefs you allude to (I don't think its a significant population on Slashdot, as victimized as you might feel by them), the GPs point is that the cost of betrayal by the Government far exceeds the cost of betrayal by a Corporation. In fact, the worst a Corporation can do do you is really limited by what the Government will allow it to do - if you are really so afraid of what a Corporation can do to you, you are implicitly afraid of what the Government will let it do.

Re:The Phone Company

[JWSmythe]

    Are you sure about that? Your voice communications are going over the wire unencrypted. Well, at least until it hits a digital circuit, but even that's not "safe", it's just obfuscated from sticking a speaker on the line.

    They could be listening to some or all. And there's been enough information about the gov't doing it. You shouldn't believe that there are up to two listeners on any phone call. (Lowered to one when you're talking to the wife. She never listens to you, and you know it. {grin})

Re:The Phone Company

[Fareq]

Actually, according to the developer discussion, this isn't a bug. They did it on purpose. They actually saved all of the sites that you made site-specific settings changes to.

They thought that the "convenience" of a better UI would outway the privacy risk of having the sites you visited after explicitly selecting privacy-mode saved in plain text on the file system.

This issue has been fixed.

[Paxtez]

http://code.google.com/p/chromium/issues/detail?id=43107

Careful about SRWare Iron

[oddfox]

Everyone mentioning SRWare Iron should know about this little tidbit: The story of Iron. The article and the linked IRC log tell a very interesting story about a guy less concerned with having a good reason to fork and more concerned with making money off of adsense and publicity for creating a "privacy-respecting" Chrome which is basically a perpetually outdated Chromium with a few checkboxes in "Under the Hood" defaulting to off.

The guy who runs that blog does not try to hide the fact that he's a Chrome developer, and he admits that there is the highly unlikely possibility that the person who was asking these questions was not the person who went on to release Iron. I was skeptical as well until I checked out the log file itself and quite honestly it would have to be an incredible coincidence for this guy to be asking such questions and providing the information that he does in his attempts to glean information on the right way to advertise his product as well as how to go about renaming the executable. There's more that makes it very reasonable to believe this is the guy who went on to release Iron, so please don't dismiss it until you've checked out the log file in detail. If this was a supremely unnecessary and elaborate hoax it sure is pulled off convincingly.

Using Iron after reading this information made me feel like I was supporting the wrong guy here and I couldn't do it anymore, it was just too uncomfortable seeing that this guy was looking for adsense revenue and to make a name for himself. The attitude of this developer is not one I would encourage at all.