Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome For Android's Incognito Mode Saves Some of the Sites You Visit

Posted by timothy on from the see-also-gchq dept.

An anonymous reader writes: A newly found bug in Google Chrome for Android means incognito mode really isn't as locked-down as it's designed to be. Some sites you visit while using the privacy feature are still saved, and can be retrieved simply by opening the browser's settings. Google Chrome for Android has had incognito mode since February 2012. Here is Google's official description of the feature: "If you don't want Google Chrome to save a record of what you visit and download, you can browse the web in incognito mode."

12 of 69 comments (clear)

  1. So, in other words... by bistromath007 · · Score: 4, Funny

    "If you don't want Google Chrome to save a record of what you visit and download, you can browse the web in incognito mode. We will inform the NSA of your preference."

    1. Re:So, in other words... by Travis+Mansbridge · · Score: 5, Insightful

      Incognito mode is not encryption and cannot prevent people on your network, your ISP, the NSA or Google themselves from keeping an eye on your data. The effects of incognito mode are specific to the Chrome browser on that machine (and the cloud backup you may allow Google to keep of this data, such as if you log into Chrome).

    2. Re: So, in other words... by nullchar · · Score: 2

      Because you have checked the following In Chrome settings:
        * Use a prediction service to help complete searches and URLs typed in the address bar
        * Enable phishing and malware protection

      Incognito mode doesn't do much other than [tries] not write to local browser history or store cookies. But it fails at that too.

  2. Probably a true bug by bangular · · Score: 4, Insightful

    Chrome is a big complex browser with a lot of code. This was probably a true bug and nothing nefarious or devious intended. I would also think the QA for such a feature is probably not a priority and didn't get much testing.

  3. Wait, what? by penguinoid · · Score: 3, Informative

    Here is Google's official description of the feature: "If you don't want Google Chrome to save a record of what you visit and download, you can browse the web in incognito mode."

    What if I don't want Google to save a record of what I visit and download?

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    1. Re:Wait, what? by JustAnotherOldGuy · · Score: 2

      What if I don't want Google to save a record of what I visit and download?

      Then you're screwed, because they'll save what they want regardless of what you want.

      I am not one bit surprised that their "incognito" mode tracks and saves stuff. After all, citizen, those ads aren't going to sell themselves.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    2. Re:Wait, what? by MillionthMonkey · · Score: 4, Funny

      What Google should at least provide is some sort of "I'm finished jerking off" feature.

  4. These can be removed by leonscottjr · · Score: 2

    By clicking on the site in question, you are taken to a screen with the details of what was saved for that site. There is a button to Clear and Erase. Press it, and all info for that site is cleared from your history.

    1. Re:These can be removed by Anonymous Coward · · Score: 2, Insightful

      But the whole point of the Incognito mode is that the browser does not save anything for any site so you don't have to Clear and Erase manually.

  5. the assertion is bugs are shallow. This fixed by raymorris · · Score: 2

    The assertion that ESR makes is that when many people look at a bug, for one of them it will be an "easy" bug, someone will see the issue quickly, and it can therefore be fixed quickly. This bug is already fixed, so it supports his assertion.

    Compare IE. The bugs in IE handling of "Vary" were well known and documented for FIVE YEARS before it was partially fixed. As another example, for over a decade, servers had to speak http 1.0 to IE and http 1.1 to every other browser because IE's handling of http was so broken. So 5-10 years to fix serious documented a bug in IE, several hours to several days for Chrome.

  6. Re:The default android browser does it too by Anonymous Coward · · Score: 3, Interesting

    If I'm browsing incognito and click links to open in new windows, sometimes I'll look and find I seem to have lost the incognito protection. Not sure if this is by design or not, but regardless it's stupid and deceptive.

    Also, incognito or not, Google is sapping your browsing habits and history. Only way to avoid this is to not use android.

    Don't use Chrome or the default browser on Android you mean. Android is the best phone OS in the history of the Universe so far, literally. Android is Linux.

    Firefox is still always the right choice on all platforms. I hope they never screw this up. If they do, you will have to use an older version until they unscrew it. Chrome is all-around weak unless you are on a Mac and for some reason want Chrome's built-in Flash player. Other than that, Chrome is nothing.

    If you don't at least have Firefox installed on Android, you get what you get for being new. Learn it. Unless you are some big time phone web surfer it's not even an issue. For any real encryption on your phone you will have to use Orbot, etc.

    Also this:
    http://tech.slashdot.org/comments.pl?sid=7988275&cid=50494529
    http://tech.slashdot.org/comments.pl?sid=7988275&cid=50500123

  7. As the man said by Hognoxious · · Score: 4, Funny

    Any sufficiently advanced malware is indistinguishable from a bug.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."