Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Edge's Private Browsing Mode Isn't Actually Private (betanews.com)

Posted by timothy on from the keep-it-to-ourselves-alright? dept.

JustAnotherOldGuy writes: The forensic examination of most web browsers has proven that they don't have a provision for storing the details of privately browsed web sessions. However, in the case of Microsoft Edge, the private browsing isn't as private as it seems. Previous investigations of the browser have resulted in revealing that websites visited in private mode are also stored in the browser's WebCache file. The Container_n table stores web history, and a field named 'Flag' with a value of '8' shows that website was visited in private mode. An investigator can easily spot the difference and use this evidence against a person. The not-so-private browsing featured by Edge makes its very purpose seem to fail, and you can't help but ask how such a fundamental aspect of private browsing could be so fantastically borked. It beggars belief.

9 of 159 comments (clear)

  1. Re:First Post? by blavallee · · Score: 5, Insightful

    I would say, it's just not a surprise anyone here. An antonym of privacy or security is Microsoft.

  2. Re:They really did not care by unrtst · · Score: 4, Insightful

    I'm not sure why I'm feeding the trolls (troll being the summary itself).

    I'd appreciate an actual "private" mode, but none of the browsers do what I'd expect from that. My expectation would be that the browser would behave as if it is a clean slate, not store anything to disk, possibly encrypt or at least attempt to hide memory contents, and possibly attempt to hide other identifying details (screen resolution, "agent" header string, plugin list, etc).
    Personally, I find little benefit to the make believe "private" mode in that it hides its actions from my own computer. I am not worried about other legitimate users of my computer finding out secrets about me (and if I was, I'd use something much more hidden than "private" mode - another vm with encrypted drives, powered off or in hibernate when I'm not using it).

    With that in mind, this info seems to be quite an exaggerated diff between the various private mode expectations. Not that I care much as long as the behavior is what it is, but what I'd want to know is:
    * can normal, unprivileged user accounts access these history records?
    If not, then it's doing its job just about as well as any of the others.

  3. Indifference by rakslice · · Score: 4, Insightful

    I've concluded in the past couple of years that large parts of Microsoft as an organization have stopped being able to coherently sell to the end user market, and whatever people in the management that would have in the past noticed this sort of thing and taken steps to correct it have left or moved on to other roles.

    Signs of things slipping I've personally noticed in recent years:
    - The faulty Microsoft web-based store (do they expect developers whose first experience with Microsoft is a web site that can't even sell a Windows upgrade are going to turn around and want to build things on ASP.net?)
    - Contradictory descriptions of the different Windows SKUs (with respect to use as upgrades, new machine installs, usability by end users vs. system integrators, etc.)
    - Software with seriously flakiness in features that worked in previous versions (e.g. Windows 10 Start Menu search and keyboard navigation), with broken help links, without an integrated installer (e.g. Lync, Sharepoint)

    1. Re:Indifference by Anonymous Coward · · Score: 5, Insightful

      I've concluded in the past couple of years that large parts of Microsoft as an organization have stopped being able to coherently sell to the end user market, and whatever people in the management that would have in the past noticed this sort of thing and taken steps to correct it have left or moved on to other roles.

      It smells more to me like they've made a concerted decision that the end user is no longer the target market. The end user is now the product. Microsoft's "business partners" are advertisers and law enforcement agencies, that's where the revenue is coming from.

      The Edge behavior described in this article is very hard to explain away as laziness or incompetence. Intentional decisions were made during all phases of design and development to continue storing the user's history even when in private browsing mode. That isn't clueless management or devs taking the easy way out. That's purposely turning the end user's computer into a tool to be used against him.

      Microsoft is now actively hostile to the end user and folks would do well to remember it.

  4. I'm shocked by frovingslosh · · Score: 4, Insightful

    Microsoft Edge's Private Browsing Mode Isn't Actually Private

    I'm shocked! Shocked, I tell you!

    On the other hand, it has been obvious to me for a long time that if you want privacy, you don't use Microsoft products.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:I'm shocked by rtb61 · · Score: 5, Insightful

      It is not really all that funny. Not only is it not private it is marked as pretended to be so on analysis they can find out exactly what you wanted to keep private. That looks really, really bad, not only a failure of privacy but seemingly purposeful gathering of data for extortion purposes, obviously not run of the mill people but selected individuals via the scatter gun method, hide the invasiveness by targeting everyone so that the specific targets are unaware. Then there is how long they will keep the data for ie target every potential politician in high school and university so that decades down the track they can be extorted in compliance or destroyed. It is one thing to screw up privacy, it is quite another to specifically mark data as private and keep it.

      --
      Chaos - everything, everywhere, everywhen
  5. GEE WHIZ WHAT A BIG SURPRISE! by kheldan · · Score: 1, Insightful

    Microsoft has gone full-blown Big Brother/1984; is anyone at all surprised that their newest browser is also spying on you?

    Go right ahead and mod me down to negative one troll, Microsoft shills, I expect it of you; wouldn't want your corporate masters to be angry with you, now would you? By the way I'm going to just keep on lambasting Microsoft ad infinitum, and anyone that doesn't like it can, quite frankly, suck my dick.

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
  6. Re:First Post? by Anonymous Coward · · Score: 5, Insightful

    They invented unsafe OS with user processes running in kernel mode.
    They invented the mail-transported virus, when outlook auto-executed attachments received by email
    They invented web vulnerabilities with activeX (Execute code found on web pages - no need to look for buffer overflows when this sort of thing is designed in.)

    So indeed, no surprise from microsoft here.

  7. Re:Microsoft invading even on Android OS of Google by Anonymous Coward · · Score: 2, Insightful

    This is very likely specific to your phone or some app you have installed (neither of which did you mention). Without context your assertion means nothing.