Browser Private Modes Not So Private After All

CWmike writes "Browsing in 'private mode" isn't as private as users think, reports Gregg Keizer. 'There are some traces left behind [by all browsers] that could reveal some of the sites that you've been to,' said researcher Collin Jackson. He, along with three colleagues, will present their findings on Tuesday at the Usenix Security Symposium in DC. IE, Firefox and Safari, for instance, leave traces of SSL encryption keys even when run in private mode, while IE and Safari on Windows preserve self-signed SSL certificates in a 'vault' file that could be read by others to track the browser's path. Firefox also retains evidence of some certificates. Private mode has also been billed as a way for users to hide themselves from the prying eyes of sites that try to track habits and histories. Jackson said most users see that as the biggest attraction to private mode. 'Some browsers do a better job of protecting you from other types of scenarios, such as Web site tracking,' Jackson said. 'Safari is very much more willing to reveal you to Web sites than the others.'"

Opera

[AnonGCB]

Opera wasn't included, but I'm very curious as to how good their private mode is.

Re:Opera

[ReederDa]

I'd like to know how Chrome is rated with this.

Re:Opera

[morari]

Private mode has also been billed as a way for users to hide themselves from the prying eyes of sites that try to track habits and histories. Jackson said most users see that as the biggest attraction to private mode.

I thought hiding your porn habits from the wife or employer was the biggest attraction?

Flash cookies remain too

[e065c8515d206cb0e190]

As there is a flash animation on every other site, looking at your flash cash pretty much reveals what you've "anonymously" browsed recently...

Re:Flash cookies remain too

Firefox in Privacy mode with Better Privacy extension. Pretty good setup.

Re:Flash cookies remain too

[hvm2hvm]

I use a virtual machine and I restore the previous snapshot after each browsing session, beat that!

Re:Flash cookies remain too

I run a virtual machine on a live CD, then restore the snapshot, reboot the machine, snap the CD in half, attach a high powered electromagnet to the tower, then burn down the building.

Re:Flash cookies remain too

[oldspewey]

What? No TrueCrypt?

Re:Flash cookies remain too

[travisco_nabisco]

Why are you looking at his /dev/null? That is as hard core as it gets.

Re:Flash cookies remain too

[robi2106]

What a rookie..... you left IP address traces on the gateway logs of your ISP. better nuke your ISP from orbit just to be safe.

Re:Flash cookies remain too

[Bratmon]

You still have logs at the sites you visited. Better get them too, just in case.

Re:Flash cookies remain too

[paiute]

I use Lynx.

and a really vivid imagination.

Don't forget about flash

[DeHackEd]

Flash cookies, or even any temp files left behind by video playback. I've heard it happen. See if anything was left in your Temp directory matching "Flash*" and play it back as .flv or .mp4. Very incriminating evidence

Re:Don't forget about flash

[kelarius]

As a test I went to a couple of sites of ill repute and watched a couple of free videos, then cleared my Firefox cache. Afterwards, I searched my computer for .flv and .mp4 files and couldnt find anything, so to the casual search most of you should be safe with your

Re:Don't forget about flash

[ytpete]

Just fyi, the current version of Flash does respect "Private Browsing" settings in all major browsers.

Biggest Attraction

[ceoyoyo]

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Re:Biggest Attraction

[swanzilla]

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Youtube might be more relevantly incriminating than Hotmail.

Re:Biggest Attraction

[Surt]

I cannot believe how lazy the porn people are. It has been like a whole minute and that site is STILL not up.

It's good enough..

[HerculesMO]

I mean, as long as your wife/girlfriend can't track your porno sites with ease you're fine.

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

Re:It's good enough..

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

If I had a wife/girlfriend with a CS major in cryptology in her repertoire I wouldn't need a hobby.

Re:It's good enough..

[stagg]

I mean, as long as your wife/girlfriend can't track your porno sites with ease you're fine.

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

Then it's back to an old suitcase under the work bench in the garage.

Re:It's good enough..

[ciaohound]

Your wife is a CS major with cryptology in her repertoire. She just hasn't told you because you'd blow her cover.

Re:It's good enough..

[Red+Flayer]

Very convenient, as the duct tape and the rope is on the workbench. Just make sure the suitcase is big enough, things never fold as neatly as one might think.

What? Why is everyone looking at me like that?

Re:You need all of your files on a ramdisk

[vux984]

When I want to browse in high security / high privacy I use a virtual machine and delete all changes when shutting it down. (ie so the vm is in precisely the same state it was in when i turned it on.) This also gives me some reasonably good protection from viruses/malware/ and other crud, since unless it manages to break out of the VM, it goes away when I shut the VM down.

Doesn't seem like a hard problem to solve ...

[BitZtream]

In private browsing mode, hook fopen, all "w" calls get redirected to a special directory, all fopen "r" calls get checked to confirm they are either referencing that directory or referencing known acceptable files (maybe certain preferences).

That instantly solves ALL in-process code. Its not something that would share all its code across platforms since the hooking mechanisms are different but it is going to be the only sure fire way to be safe.

Out-of-process plugins would require a different approach, but since the browser starts them it could hook them as well if the effort was put forth. You hook flash and don't let it write anywhere but where you tell it too, then those retarded flash cookies can't give you away either.

Clear the directory when leaving private browsing mode.

I can't think of any real OS that you can't do this on fairly easy. Windows is doable although it takes a little bit of effort, most UNIX clones are trivial to hook. Might be a problem for browser ports to oddball devices (which I'm counting phones in this group since they are radically different, even if common) but its also probably much less of a concern there. I'm not aware of a private mode for Mobile safari so it doesnt' seem that anyone cares anyway, or am I just missing it?

Re:You need all of your files on a ramdisk

[Psx29]

Another alternative is to boot off a live cd

Re:This is going to be an unpopular sentiment but.

[Hope+Thelps]

But...who are we hiding from?

Nice try but you're not going to find out that easily.

Re:Clean on close

[maxwell+demon]

But the FBI/CIA/NSA have ways of reading even zeroed drives! (so I hear) Will we ever be safe??

That's why I one them instead. I've never heard that they can read a oned drive. :-)

Re:You need all of your files on a ramdisk

[justin12345]

Yeah a ram disk or virtual machine is defintely way more secure, as well as using proxies or TOR to disguise your IP address (confusing Geo-location databases), forged browser signatures, and a few other things I can't think of right now. Assuming you are committing acts of international espionage, working undercover for the NSA, or simply know that MLB is after you, you should definitely be taking those precautions.

The thing is, my understanding is that "privacy mode" is really just for not having your porn links show up in your browser history, should your S/O or Mom not approve of you viewing such material. It also saves you potential embarrassment when you open up a new tab in Safari or Chrome and it gives you a grid of thumbnails of recently viewed sites. I think Gregg Keizer grossly overestimates what people expect when they click the "private" button. They aren't clicking it to view sites that require SSL certificates, they are clicking it to view sites who's title tag is "Slut fucked by guy" or "Sexy trinity anal part1" and shows up in the browser history as such. Most just use the privacy mode so their S/O or Mom doesn't stumble across those links while looking up that article they read yesterday about "How to plan the perfect wedding" or "Is internet addiction destroying your family?".

Privacy, CLI-style

[by+(1706743)]

If I ever encounter a link which I'm curious about more from an academic perspective than anything else (e.g., a link from a possibly-legitimate-but-likely-spam email), I'll just wget it and then go through the page source and/or view it with a browser.

This anecdote is a little off-topic I guess, but as far as privacy goes, I suspect it's a pretty decent way of going about things.

Re:The problem with first posts

[buchner.johannes]

We fight our fear of an empty internet?