Slashdot Mirror
Browser Private Modes Not So Private After All
CWmike writes "Browsing in 'private mode" isn't as private as users think, reports Gregg Keizer. 'There are some traces left behind [by all browsers] that could reveal some of the sites that you've been to,' said researcher Collin Jackson. He, along with three colleagues, will present their findings on Tuesday at the Usenix Security Symposium in DC. IE, Firefox and Safari, for instance, leave traces of SSL encryption keys even when run in private mode, while IE and Safari on Windows preserve self-signed SSL certificates in a 'vault' file that could be read by others to track the browser's path. Firefox also retains evidence of some certificates. Private mode has also been billed as a way for users to hide themselves from the prying eyes of sites that try to track habits and histories. Jackson said most users see that as the biggest attraction to private mode. 'Some browsers do a better job of protecting you from other types of scenarios, such as Web site tracking,' Jackson said. 'Safari is very much more willing to reveal you to Web sites than the others.'"
Opera wasn't included, but I'm very curious as to how good their private mode is.
http://CryoLANparty.com/ A lan I'm staff on!
You stumble on the page and see (0 Comments) followed by this huge white space. Looking at it, how can you not write something in it? Multiply this mentality across every other visitor who experiences a blank page and it's no wonder you have so many 'first posts' half way down the page.
Shocker! Say it ain't so!
How many more of these until Browser jokes around here end with "Safari!" instead of "Internet Explorer!"? At least IE takes security seriously nowadays...
(You'll never find a vulnerability in my Mosaic! Ha ha! Security through obsolescence!)
As there is a flash animation on every other site, looking at your flash cash pretty much reveals what you've "anonymously" browsed recently...
Seems like setting up a ramdisk and placing all of your cache/bookmarks/saved values files there would be the way to do this. You could use a script that created the ramdisk and copied the bookmarks, etc... to it before starting the browser. Then have it destroy all of that when the browser closed.
That would certainly be a handy utility to have, especially if it could be configured to make you anonymous (none of your identifying cookies, etc..) as an option.
Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
I use Firefox and have it set to clean up all history/cookies every time I close it. I wonder how much is left behind for me.
Flash cookies, or even any temp files left behind by video playback. I've heard it happen. See if anything was left in your Temp directory matching "Flash*" and play it back as .flv or .mp4. Very incriminating evidence
"Jackson said most users see that as the biggest attraction to private mode."
Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.
If you want real privacy you shouldn't be trusting a web browser privacy mode.
Lately I've taken a new approach to privacy. I used to try and keep most everything private unless I wanted to share it, but nowadays I've adopted a bland public persona that I don't mind if the world knows about. Then when I want to do something I don't want public, I just invest time and inconvenience commensurate with the criticality of keeping my activity private to make sure it stays private.
...
Maybe I'm paranoid, but this is why I simply use a portable version of Firefox with a profile stored in a TrueCrypt volume.
It sure ain't you! Pay me now, or pay somebody else a whole lot later !!
I mean, as long as your wife/girlfriend can't track your porno sites with ease you're fine.
If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.
The price is always right if someone else is paying.
So private mode is good enough for me!
Just install NoScript and be done with it.
Virtual machines? Flash disks? I never use the same computer twice! But...who are we hiding from? I support efforts to maintain privacy, and I admire it as a thought experiment, but what's the scenario we're defending against here? All of this sounds like extreme overkill if you're hiding porn from your mom. If you're trying to hide from advertisers, governments, etc, then I think that your bigger worry is not your home machine, but everything out there in our marvelously complicated ecosystem of an internet.
In private browsing mode, hook fopen, all "w" calls get redirected to a special directory, all fopen "r" calls get checked to confirm they are either referencing that directory or referencing known acceptable files (maybe certain preferences).
That instantly solves ALL in-process code. Its not something that would share all its code across platforms since the hooking mechanisms are different but it is going to be the only sure fire way to be safe.
Out-of-process plugins would require a different approach, but since the browser starts them it could hook them as well if the effort was put forth. You hook flash and don't let it write anywhere but where you tell it too, then those retarded flash cookies can't give you away either.
Clear the directory when leaving private browsing mode.
I can't think of any real OS that you can't do this on fairly easy. Windows is doable although it takes a little bit of effort, most UNIX clones are trivial to hook. Might be a problem for browser ports to oddball devices (which I'm counting phones in this group since they are radically different, even if common) but its also probably much less of a concern there. I'm not aware of a private mode for Mobile safari so it doesnt' seem that anyone cares anyway, or am I just missing it?
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
I noticed that javascript errors still go to syslog in private mode on Safari, at least.
I use GlimmerBlocker, which is a pretty cool little system extension which has a bunch of built in blocking scripts, but also allows you to create your own.
I also use ClickToFlash, but not sure if that does anything to protect you against Flash Cookies.
Then if you really get annoyed at certain sites, you can always edit your host file.
The real Sig captains the Northwestern. This one captains
But...who are we hiding from?
Nice try but you're not going to find out that easily.
To summarise the summary of the summary: people are a problem. ~ h2g2
Just use a CD like Ubuntu, browse to your hearts content, then shutdown. No trace what so ever on the machine!
Really paranoid? pull out the hard drive before booting on the live CD. Works like a champ!
Sites can/will track you regardless of any "private mode" if you have flash enabled. Also, does anyone know where the SSL certificates are stored by Safari in OSX? Thanks in advance.
You mean...I'm not anonymous as Anonymous Coward?
FUCK!
From THEM, of course.
The Tao of math: The numbers you can count are not the real numbers.
Tell me if I'm wrong. I thought SSL certs are valid for one HTTPS session only. Where the temporary certificate bind the endpoints with a [short] revocation period and a negotiable re-establishment opportunity within the certificate lifetime. - Anyone knows about the lifetime expectancy of client-side SSL related data?
If I ever encounter a link which I'm curious about more from an academic perspective than anything else (e.g., a link from a possibly-legitimate-but-likely-spam email), I'll just wget it and then go through the page source and/or view it with a browser.
This anecdote is a little off-topic I guess, but as far as privacy goes, I suspect it's a pretty decent way of going about things.
Did anyone else notice that the article didn't actually mention any privacy flaws with chrome, even though it says that chrome has them? They cite specific examples for IE, firefox and safari, then just say "oh, chrome has flaws too".
Cleans out everything you might want.
http://www.piriform.com/ccleaner
I killed da wabbit -Elmer Fudd
I didn't even realize that the point of the private browsing had anything to do with sites you visited. I thought it was clearly being marketed at a way to keep the next person sitting at your computer from seeing that you were visiting porn sites. Having your wife or kids follow behind you on the computer only to have porn sites pop up when they start typing in an address was a pretty big problem for a lot of people. This problem got even worse when the address bar started doing better type ahead by prioritizing heavily visited sites.
I mean really, as much as IP address change, they don't change that often, so it wouldn't be hard for sites tracking users to just use the IP address. All it would take is for 1 site that you visit logged in to act as an IP update source, and bingo, you are being tracked no matter what software you run on your computer. The only way around that would be to never log in to any sites, or run through some kind of proxy.
So, it is simple. Don't expect the private browsing to keep you from being tracked by web sites. There is nothing the browser makers can do about that. Use it to keep your 6 year old from accidentally finding out that you have been visiting 'Dirty DORA's anal Dungeon'.
Couldn't you just clear your history and other browsing data after you've finished your session. That's what I do in Firefox. Are there any vestiges left over from that?
My internet was down, unbeknownst to me, and as I attempted to load a few websites in incognito mode, I noticed the favicons were being cached. WTF google? And to think I trusted you with my porn addiction.
I use a VM for ALL browsing, as a simple security measure. It's a simple matter to vet and selectively copy any data I want to store locally from the wild wild web back to host on my terms rather than trust a browser. I also have a guest VM I can fire up if anyone wants to "borrow" my machine for email checking etc - there's no way in H*LL I'll trust anyone to be safe on the host machine.
I don't even trust MYSELF, see above ....
So... I click on a open office document on a webpage while in private mode.. OO opens up and I do a bunch of editing, saving a bunch of stuff. Later I close my browser and all my files are gone. Nice job, asshole.
Yet If you don't hook fopen on all launched apps and plugins you don't solve the problems people are complaining about here. I'd say "try again", but I'd rather you not. You're dangerous. Have you considered a job at Microsoft?
I suggest using:
The (Amnesic) Incognito Live System
https://amnesia.boum.org/
I've been doing this since way back when Firefox 1.0. I have a script that front ends the startup of Firefox. It creates a fake home directory (sets the HOME environment variable). It is populated with an initial set of files Firefox expects or needs and then launches the real Firefox program. It adds about 0.5 seconds to the startup time (was more like 3 seconds way back when I first did this). Another script can scan all these fake homes and figure out which ones are still busy, leaving them alone, and deleting all the rest. As a result of this, each time Firefox is started, it creates a whole new instances. So each are separate processes, too. One added benefit of that is if some bad website messes up Firefox in some way, I can just exit or kill it, and all the others are still running unscathed. Even though there are many Firefox processes running this way, it actually uses less memory because I exit them when I leave a site. Exit is very effective at cleaning up memory leaks and structure fragmentation.
now we need to go OSS in diesel cars
I just clicked over nfl
jerseys from another site and figured I should take a look around.
Like what I see so now I'm following you. Look forward to checking out
your some of your posts again.
Surfing with Chrome in private mode, going through https://xerosurf.com/ secure anonymous proxy, web sites can still pick up my location. How's that possible?
when someone borrows your computer to check Hotmail.
When installing a new machine I always take 10 seconds to create a 'demo' user account. I'll sometimes use it for actually doing a demo or presentation, but usually just to FUS to it when somebody wants to borrow the Firefox. XFCE or something similarly light makes it less painful to switch into it.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
...you need Firefox with Better Privacy, NoScript, Ghostery, Ad block Plus, Request Policy and Track Me Not in a private browsing session. Also you need to make sure all are set up too. This will take care of the current session. Of course a outgoing firewall is good too, and a packet sniffer/recorder.
Then to be extra sure, you need to run Firefox in a VM and restore the previous snapshot to clear out any possible stored traces as mentioned in this article.
Installing a Hosts file addition blocking hostile sites before cuing the DNS servers is a good thing too. Resolving your most sensitive sites DNS beforehand is also a wise thing, unless you like typing in IP numbers every time.
Of course comes the problem of your IP, that needs to be masked too and your browser specs, OS version and screen size...
I run the browser in a sandbox, and on start of the sandbox I clear out all the browser/flash cookies etc. It's about 10000x faster to start the sandbox than to boot into a different OS, and it's a pretty simple setup. To do the sandboxing, I use Sandboxie. On top of that I use VPN to hide my IP. But I know browser headers still leaves a unique trace, if someone really wanted to track me.
I feel the best option is to lock your account and not give the password out for any reason to anyone including the wife. You could also install multiple browsers and prevent an autocomplete disaster. Why people share user accounts with family is impossible for me to understand. You shouldn't even share the same physical computer with anyone else. Sometimes, there are worse things than porn to discover on someones computer.
How safe is that?
I know that on Mac it deletes all files on logout, would that not be the safest and most private way to visit warez and porn sites?