Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Edge's Private Browsing Mode Isn't Actually Private (betanews.com)

Posted by timothy on from the keep-it-to-ourselves-alright? dept.

JustAnotherOldGuy writes: The forensic examination of most web browsers has proven that they don't have a provision for storing the details of privately browsed web sessions. However, in the case of Microsoft Edge, the private browsing isn't as private as it seems. Previous investigations of the browser have resulted in revealing that websites visited in private mode are also stored in the browser's WebCache file. The Container_n table stores web history, and a field named 'Flag' with a value of '8' shows that website was visited in private mode. An investigator can easily spot the difference and use this evidence against a person. The not-so-private browsing featured by Edge makes its very purpose seem to fail, and you can't help but ask how such a fundamental aspect of private browsing could be so fantastically borked. It beggars belief.

1 of 159 comments (clear)

  1. doesn't fit the criteria by raymorris · · Score: 4, Interesting

    You're thinking of "implied warranty of fitness for a particular purpose ", as it's called in the Uniform Commercial Code. There's also warranty of merchantability. Let's look at each in turn.

    The terms and conditions can explicitly and clearly disclaim the warranty of fitness for a particular purpose, and I'm sure Microsoft's terms do so. They can't disclaim warranty of merchantability so easily. If they do disclaim fitness for a particular purpose, that's the end of that. If they didn't disclaim the warranty, UCC has two conditions. First, the seller must have reason to know what purpose the buyer intends to use it for - browsing porn without having the address bar later autocomplete xvideos.com? National security level espionage? Secondly, the seller must habe reason to know that the buyer is relying on the seller's expertise to recommend an appropriate product.

    Microsoft doesn't know whether you intend to use it to avoid having autocomplete accidentally embarrass you or if you're trying to foil expert forensic investigators. Since they don't know which purpose(s) you might use it for, there is no warranty of fitness for a particular purpose.

    On to warranty of merchantability. This applies even when the seller does NOT know what purpose you plan to use it for. Because the seller doesn't know, he warrants only that it's useable for SOME purpose. If the mode successfully avoids accidental embarrassment from autocomplete, accidentally hitting the back button down-arrow, etc, then it is useful for SOME purpose and therefore the warranty of merchantability is met.

    Suppose some warranty was NOT met (and not successfully disclaimed). Then you could sue Microsoft for actual damages. If you prove that an accidental autocomplete during a business presentation got you fired, they would need to compensate you for the lost pay.

    Lastly, you mentioned false advertising. What exactly do Microsoft's ads say about the feature? I suspect they do not say "prevents forensic examiners from determining anything about your browsing history".