Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Browser Private Modes Not So Private After All

CmdrTaco posted more than 3 years ago | from the don't-look-at-my-prvates dept.

Privacy 198

CWmike writes "Browsing in 'private mode" isn't as private as users think, reports Gregg Keizer. 'There are some traces left behind [by all browsers] that could reveal some of the sites that you've been to,' said researcher Collin Jackson. He, along with three colleagues, will present their findings on Tuesday at the Usenix Security Symposium in DC. IE, Firefox and Safari, for instance, leave traces of SSL encryption keys even when run in private mode, while IE and Safari on Windows preserve self-signed SSL certificates in a 'vault' file that could be read by others to track the browser's path. Firefox also retains evidence of some certificates. Private mode has also been billed as a way for users to hide themselves from the prying eyes of sites that try to track habits and histories. Jackson said most users see that as the biggest attraction to private mode. 'Some browsers do a better job of protecting you from other types of scenarios, such as Web site tracking,' Jackson said. 'Safari is very much more willing to reveal you to Web sites than the others.'"

cancel ×

198 comments

Opera (4, Interesting)

AnonGCB (1398517) | more than 3 years ago | (#33208304)

Opera wasn't included, but I'm very curious as to how good their private mode is.

Re:Opera (1)

Ironhandx (1762146) | more than 3 years ago | (#33208806)

I am also very interested in this. I've been using Opera as my browser of choice for over 6 months now and can't see myself switching back to anything else. I don't really use private browsing mode, but it would be nice to know how well it functions if I did need it.

Re:Opera (0, Troll)

Anonymous Coward | more than 3 years ago | (#33209078)

If you're not doing anything wrong you have nothing to worry about.

The problem with first posts (2, Insightful)

Anonymous Coward | more than 3 years ago | (#33208336)

You stumble on the page and see (0 Comments) followed by this huge white space. Looking at it, how can you not write something in it? Multiply this mentality across every other visitor who experiences a blank page and it's no wonder you have so many 'first posts' half way down the page.

Safari has extremely lax security? (2, Funny)

Anonymous Coward | more than 3 years ago | (#33208350)

Shocker! Say it ain't so!

How many more of these until Browser jokes around here end with "Safari!" instead of "Internet Explorer!"? At least IE takes security seriously nowadays...

(You'll never find a vulnerability in my Mosaic! Ha ha! Security through obsolescence!)

Flash cookies remain too (3, Insightful)

e065c8515d206cb0e190 (1785896) | more than 3 years ago | (#33208360)

As there is a flash animation on every other site, looking at your flash cash pretty much reveals what you've "anonymously" browsed recently...

Re:Flash cookies remain too (1)

e065c8515d206cb0e190 (1785896) | more than 3 years ago | (#33208370)

(meant cache, obviously...)

Re:Flash cookies remain too (4, Informative)

Anonymous Coward | more than 3 years ago | (#33208438)

Firefox in Privacy mode with Better Privacy extension. Pretty good setup.

Re:Flash cookies remain too (4, Interesting)

hvm2hvm (1208954) | more than 3 years ago | (#33208840)

I use a virtual machine and I restore the previous snapshot after each browsing session, beat that!

Re:Flash cookies remain too (2, Insightful)

oldspewey (1303305) | more than 3 years ago | (#33208888)

How about running a LiveCD distro and then physically rebooting the machine after each browsing session?

Re:Flash cookies remain too (5, Funny)

Anonymous Coward | more than 3 years ago | (#33208940)

I run a virtual machine on a live CD, then restore the snapshot, reboot the machine, snap the CD in half, attach a high powered electromagnet to the tower, then burn down the building.

Re:Flash cookies remain too (3, Funny)

oldspewey (1303305) | more than 3 years ago | (#33208964)

What? No TrueCrypt?

Re:Flash cookies remain too (1)

Mr. DOS (1276020) | more than 3 years ago | (#33209062)

I'd hate to know what you do when the CD's in ISO form...

Re:Flash cookies remain too (1)

al.caughey (1426989) | more than 3 years ago | (#33209178)

And just what were you beating while you were on the virtual machine?

Re:Flash cookies remain too (0)

Anonymous Coward | more than 3 years ago | (#33208898)

I have that extension but use Chrome for my incognito browsing (and firefox for non-private browsing). Usually, after exiting chrome I just open and close Firefox to destroy my flash cookies.

Re:Flash cookies remain too (1)

John Hasler (414242) | more than 3 years ago | (#33208688)

No, looking in /dev/null doesn't reveal much of anything.

Re:Flash cookies remain too (1)

maxwell demon (590494) | more than 3 years ago | (#33208866)

No, looking in /dev/null doesn't reveal much of anything.

You think so? I just looked into your /dev/null, and you wouldn't think what I found there! Really hardcore stuff you like to watch!

Re:Flash cookies remain too (3, Funny)

travisco_nabisco (817002) | more than 3 years ago | (#33208984)

Why are you looking at his /dev/null? That is as hard core as it gets.

Re:Flash cookies remain too (0)

Anonymous Coward | more than 3 years ago | (#33208714)

As there is a flash animation on every other site

Sounds like your ad-blocker is malfunctioning. You may want to consider getting noscript too but personally I'd sort out whatever's wrong with the ad-blocker first.

Re:Flash cookies remain too (1)

camperslo (704715) | more than 3 years ago | (#33209212)

Even browsers that allow disabling cookies usually still have both Flash cookies (some trail every Flash site) and JAVA cookies. JAVA also may cache images outside the browser cache.

As memory intensive as modern browsers are, and with them seemly able to go back endlessly with that back button, it should also be assumed that every page you visit it swapped into the virtual memory swap file.

At this point, Private Browsing mode seems to do little more than hide the browser history from a tech-illiterate spouse.

Safari does deserve a small amount of credit for the disallow third-party cookies setting being the default.

Re:Flash cookies remain too (0)

Anonymous Coward | more than 3 years ago | (#33209240)

chmod -R 000 .adobe
chmod -R 000 .macromedia

sudo chown -R root .adobe
sudo chown -R root .macromedia

Of course any Flash application that requires the writing of a cookie will no longer work, but you shouldn't have to go to those sites anyways.

Alternately, you could just make a habit of deleting the .adobe and .macromedia directories when you're done browsing.

Re:Flash cookies remain too (0)

Anonymous Coward | more than 3 years ago | (#33209460)

Except those of us who are really concerned with privacy run noscript and disable flash cookies by default.

You need all of your files on a ramdisk (1)

Tangential (266113) | more than 3 years ago | (#33208362)

Seems like setting up a ramdisk and placing all of your cache/bookmarks/saved values files there would be the way to do this. You could use a script that created the ramdisk and copied the bookmarks, etc... to it before starting the browser. Then have it destroy all of that when the browser closed.

That would certainly be a handy utility to have, especially if it could be configured to make you anonymous (none of your identifying cookies, etc..) as an option.

Re:You need all of your files on a ramdisk (5, Interesting)

vux984 (928602) | more than 3 years ago | (#33208518)

When I want to browse in high security / high privacy I use a virtual machine and delete all changes when shutting it down. (ie so the vm is in precisely the same state it was in when i turned it on.) This also gives me some reasonably good protection from viruses/malware/ and other crud, since unless it manages to break out of the VM, it goes away when I shut the VM down.

Re:You need all of your files on a ramdisk (3, Informative)

Psx29 (538840) | more than 3 years ago | (#33208724)

Another alternative is to boot off a live cd

Re:You need all of your files on a ramdisk (0)

Anonymous Coward | more than 3 years ago | (#33208882)

Yet another alternative is to spend more time in the big room with the blue ceiling.

Re:You need all of your files on a ramdisk (1)

MBGMorden (803437) | more than 3 years ago | (#33209016)

Don't the changes still get written to disk though? Sure it reverts after it's done, but unless that space is securely wiped then it's still recoverable. The ram disk option seems like a better route since you're ensured that those contents are truly gone once they're deleted or the machine looses power. In today's world it's trivial to put an extra 1GB or so towards a ram disk, and most people could web browse from that just fine.

Re:You need all of your files on a ramdisk (1)

blair1q (305137) | more than 3 years ago | (#33208592)

Keep your entire browser tree and all of its temp locations on a thumbdrive.

In fact, just boot from it.

No thumbdrive = no breadcrumbs.

Re:You need all of your files on a ramdisk (1)

CeruleanDragon (101334) | more than 3 years ago | (#33208682)

Until your thumb drive falls out of your pocket at work and some clever co-worker finds it and anonymously posts your "bread crumbs" on the corporate bulletin board. ;)

Re:You need all of your files on a ramdisk (4, Insightful)

justin12345 (846440) | more than 3 years ago | (#33208934)

Yeah a ram disk or virtual machine is defintely way more secure, as well as using proxies or TOR to disguise your IP address (confusing Geo-location databases), forged browser signatures, and a few other things I can't think of right now. Assuming you are committing acts of international espionage, working undercover for the NSA, or simply know that MLB is after you, you should definitely be taking those precautions.

The thing is, my understanding is that "privacy mode" is really just for not having your porn links show up in your browser history, should your S/O or Mom not approve of you viewing such material. It also saves you potential embarrassment when you open up a new tab in Safari or Chrome and it gives you a grid of thumbnails of recently viewed sites. I think Gregg Keizer grossly overestimates what people expect when they click the "private" button. They aren't clicking it to view sites that require SSL certificates, they are clicking it to view sites who's title tag is "Slut fucked by guy" or "Sexy trinity anal part1" and shows up in the browser history as such. Most just use the privacy mode so their S/O or Mom doesn't stumble across those links while looking up that article they read yesterday about "How to plan the perfect wedding" or "Is internet addiction destroying your family?".

Clean on close (1)

alanebro (1808492) | more than 3 years ago | (#33208364)

I use Firefox and have it set to clean up all history/cookies every time I close it. I wonder how much is left behind for me.

Re:Clean on close (1, Informative)

mlts (1038732) | more than 3 years ago | (#33208416)

Flash shared objects is the main thing. Easy fix -- download and use the BetterPrivacy extension.

Of course, the absolute sure way to ensure browser privacy is to have a virtual machine dedicated to browsing, and have it roll back to the last snapshot once done. This is easy to do in Windows 7 and XP Mode. This way, some cookies left behind by some third party add-on (Java, Flash, or W/E) are eradicated completely.

Re:Clean on close (1, Troll)

Captain Splendid (673276) | more than 3 years ago | (#33208476)

Y'know, if people just zeroed their HDs and reinstalled from scratch once a year like I do, this, and many other problems, would not be problems.

Plus, especially for the luser end of the spectrum, it's a great learning experience.

Re:Clean on close (1)

CeruleanDragon (101334) | more than 3 years ago | (#33208706)

But the FBI/CIA/NSA have ways of reading even zeroed drives! (so I hear) Will we ever be safe??

Re:Clean on close (5, Funny)

maxwell demon (590494) | more than 3 years ago | (#33208904)

But the FBI/CIA/NSA have ways of reading even zeroed drives! (so I hear) Will we ever be safe??

That's why I one them instead. I've never heard that they can read a oned drive. :-)

Re:Clean on close (1)

Dynedain (141758) | more than 3 years ago | (#33209412)

Y'know, if people just zeroed their HDs and reinstalled from scratch once a year like I do, this, and many other problems, would not be problems.

Those of us not running on Windows systems find that going more than a year between wipe/rebuild is not only possible, but preferable!

Don't forget about flash (4, Interesting)

DeHackEd (159723) | more than 3 years ago | (#33208366)

Flash cookies, or even any temp files left behind by video playback. I've heard it happen. See if anything was left in your Temp directory matching "Flash*" and play it back as .flv or .mp4. Very incriminating evidence

Re:Don't forget about flash (2, Informative)

drafalski (232178) | more than 3 years ago | (#33208444)

The flashblock and betterprivacy add-ons for Firefox will help with flash.

Re:Don't forget about flash (0)

Anonymous Coward | more than 3 years ago | (#33209214)

Plugins by default are disabled in the privacy mode. (At least, that is how it is in Chromium.)

Re:Don't forget about flash (0)

Anonymous Coward | more than 3 years ago | (#33208466)

and by "evidence" he means "p0rn"

Re:Don't forget about flash (3, Funny)

kelarius (947816) | more than 3 years ago | (#33208512)

As a test I went to a couple of sites of ill repute and watched a couple of free videos, then cleared my Firefox cache. Afterwards, I searched my computer for .flv and .mp4 files and couldnt find anything, so to the casual search most of you should be safe with your

Re:Don't forget about flash (1)

kelarius (947816) | more than 3 years ago | (#33208690)

meant to have (insert silly porn here) on the end

Re:Don't forget about flash (1)

geekoid (135745) | more than 3 years ago | (#33209594)

err, you need to search before you clear your cache, and then after.

Re:Don't forget about flash (0)

Anonymous Coward | more than 3 years ago | (#33208982)

Better: use Adobe's settings manager to check to see if your flash cookies reveal where you've been.

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html [macromedia.com]

That page opens the Flash Settings Manager and lets you peruse what information is available to Flash through cookies, offline storage, etc. The locations where Flash stores things differ from operating system to operating system, so don't rely on looking in Temp or /var/tmp/ or, as one terribly misinformed person below wrote, in your Firefox cache. Flash is totally separate from your browser (hence that it's a plugin) and stores files where it wants to, not where your browser usually does!

On OSX, for instance, Flash cookies are stored in randomly named subdirectories somewhere under ~/Library/Preferences/Macromedia

A good idea: write yourself a bash script (or whatever the Windows equivalent is) like the following (change to suit your operating system's Flash directories:

#!/bin/sh
rm -rf ~/Library/Preferences/Macromedia

Run it often.

Biggest Attraction (5, Insightful)

ceoyoyo (59147) | more than 3 years ago | (#33208372)

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Re:Biggest Attraction (3, Funny)

swanzilla (1458281) | more than 3 years ago | (#33208458)

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Youtube might be more relevantly incriminating than Hotmail.

Re:Biggest Attraction (2, Insightful)

countertrolling (1585477) | more than 3 years ago | (#33208520)

If you want real privacy, boot from a liveCD or USB stick

Re:Biggest Attraction (0)

Anonymous Coward | more than 3 years ago | (#33208664)

If you want real privacy, go live on the far side of the moon. That way only the probes sent to Mars and beyond can see you.

Re:Biggest Attraction (5, Funny)

Surt (22457) | more than 3 years ago | (#33208536)

I cannot believe how lazy the porn people are. It has been like a whole minute and that site is STILL not up.

Re:Biggest Attraction (1)

Jedi Alec (258881) | more than 3 years ago | (#33208778)

It was. But then the furious masturbating killed the very kittens the site was showing and it went out of business. ;-)

Re:Biggest Attraction (1)

sznupi (719324) | more than 3 years ago | (#33209304)

Hopefully they will pass on water nymphs, that would be just cruel to the small kittens, and evident to everybody; in however suggestive positions the kittens would be placed for a given shot.

Re:Biggest Attraction (2, Interesting)

jdgeorge (18767) | more than 3 years ago | (#33208604)

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Good point, but I thought the attraction was so web sites can't sniff your browsing history. [mozilla.com]

Re:Biggest Attraction (1)

ceoyoyo (59147) | more than 3 years ago | (#33208830)

Mozilla might be pitching it as privacy protection on the web side, but there's a reason "privacy mode" has been better known as "porn mode" since it's introduction.

Re:Biggest Attraction (1)

broken_chaos (1188549) | more than 3 years ago | (#33208862)

That link, while interesting, has no direct relevancy to any of these privacy mode features. It describes Mozilla's planned fix for the CSS :visited information leak, where a website can, fairly quickly and easily, determine which websites (of a preselected list) you have visited. The planned fix has nothing, explicitly, to do with privacy mode, as it will be used in all browsing modes.

Re:Biggest Attraction (1)

Charliemopps (1157495) | more than 3 years ago | (#33208642)

Good point. But I'd like the browser makers to think on this a little harder. They could do all sorts of things to make this mode more attractive. Options to turn off flash and Javascript... or delete all their temp files... Also, have an option to automatically switch to a proxy or VPN when switching to private mode. If it really were a lot more secure I could see it coming in handy for people living in countries not so friendly to free speech.

Re:Biggest Attraction (2, Informative)

ytpete (837953) | more than 3 years ago | (#33208958)

There's no reason to turn off Flash or Javascript unless they ignore the privacy mode and cache content on disk anyway. The current version of Flash respects this setting [adobe.com] , and presumably all browsers with a "private browsing" mode restrict their Javascript engines in the same way...

Re:Biggest Attraction (1)

duranaki (776224) | more than 3 years ago | (#33208784)

Thank you for saving me the time to type that exact comment. :)

A new approach to privacy (1)

GargamelSpaceman (992546) | more than 3 years ago | (#33208386)

Lately I've taken a new approach to privacy. I used to try and keep most everything private unless I wanted to share it, but nowadays I've adopted a bland public persona that I don't mind if the world knows about. Then when I want to do something I don't want public, I just invest time and inconvenience commensurate with the criticality of keeping my activity private to make sure it stays private.

Re:A new approach to privacy (1)

shadowrat (1069614) | more than 3 years ago | (#33209036)

When i want to accomplish something without it being attributed to me, i just don a cape and cowl. You'd be surprised how much privacy you have when people can only see your mouth and chin.

it doesn't hurt to have a good utility belt and jet car either.

Encrypt It. (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33208394)

Maybe I'm paranoid, but this is why I simply use a portable version of Firefox with a profile stored in a TrueCrypt volume.

Well, DUH!! Who you think keeps the lights on? (0)

Anonymous Coward | more than 3 years ago | (#33208414)

It sure ain't you! Pay me now, or pay somebody else a whole lot later !!

It's good enough.. (4, Funny)

HerculesMO (693085) | more than 3 years ago | (#33208430)

I mean, as long as your wife/girlfriend can't track your porno sites with ease you're fine.

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

Re:It's good enough.. (5, Funny)

Anonymous Coward | more than 3 years ago | (#33208588)

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

If I had a wife/girlfriend with a CS major in cryptology in her repertoire I wouldn't need a hobby.

Re:It's good enough.. (4, Funny)

stagg (1606187) | more than 3 years ago | (#33208638)

I mean, as long as your wife/girlfriend can't track your porno sites with ease you're fine.

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

Then it's back to an old suitcase under the work bench in the garage.

Re:It's good enough.. (2, Funny)

HerculesMO (693085) | more than 3 years ago | (#33208662)

I see you're planning ahead.

Re:It's good enough.. (4, Funny)

Red Flayer (890720) | more than 3 years ago | (#33208828)

Very convenient, as the duct tape and the rope is on the workbench. Just make sure the suitcase is big enough, things never fold as neatly as one might think.

What? Why is everyone looking at me like that?

Re:It's good enough.. (5, Funny)

ciaohound (118419) | more than 3 years ago | (#33208654)

Your wife is a CS major with cryptology in her repertoire. She just hasn't told you because you'd blow her cover.

Re:It's good enough.. (0)

Anonymous Coward | more than 3 years ago | (#33208692)

If your wife/girlfriend is a CS major with cryptology in her repertoire though...

She could brute force me any day!

Re:It's good enough.. (1)

SheeEttin (899897) | more than 3 years ago | (#33208776)

If your wife/girlfriend is a CS major with cryptology in her repertoire though... might want to find a different 'hobby'.

If your wife/girlfriend is a CS major with cryptology in her repertoire, something tells me it's more likely she'd be more receptive to these "hobbies", even to the point of participating. ;)

Re:It's good enough.. (0)

Anonymous Coward | more than 3 years ago | (#33209530)

If your wife/girlfriend objects to porn, you might want to find another wife/girlfriend.

Just sayin'.

My wife is not a security researcher (2, Funny)

DJCouchyCouch (622482) | more than 3 years ago | (#33208492)

So private mode is good enough for me!

Re:My wife is not a security researcher (1)

blair1q (305137) | more than 3 years ago | (#33208566)

If you're married, and she isn't l33t, are you sure you belong on /.?

Re:My wife is not a security researcher (1)

silverglade00 (1751552) | more than 3 years ago | (#33208812)

If you were married and she WAS l33t, would you be on /. or on her?

Re:My wife is not a security researcher (0)

Anonymous Coward | more than 3 years ago | (#33208936)

There must be a 'In Soviet Russia' joke in there, somewhere.

Re:My wife is not a security researcher (1)

VortexCortex (1117377) | more than 3 years ago | (#33208822)

If you're married, and she isn't l33t, are you sure you belong on /.?

Of course, Never marry someone who is more 1337 than you are.

Re:My wife is not a security researcher (0)

Anonymous Coward | more than 3 years ago | (#33209514)

she likely has a natural talent for social engineering though, so you're still going to get caught.

it's easy (0)

Anonymous Coward | more than 3 years ago | (#33208528)

Just install NoScript and be done with it.

Re:it's easy (1)

jdgeorge (18767) | more than 3 years ago | (#33208740)

Just install NoScript and be done with it.

NoScript is great, but it doesn't prevent CSS-based browser history sniffing [mozilla.com] , if I understand correctly.

This is going to be an unpopular sentiment but... (2, Insightful)

stagg (1606187) | more than 3 years ago | (#33208546)

Virtual machines? Flash disks? I never use the same computer twice! But...who are we hiding from? I support efforts to maintain privacy, and I admire it as a thought experiment, but what's the scenario we're defending against here? All of this sounds like extreme overkill if you're hiding porn from your mom. If you're trying to hide from advertisers, governments, etc, then I think that your bigger worry is not your home machine, but everything out there in our marvelously complicated ecosystem of an internet.

Re:This is going to be an unpopular sentiment but. (3, Funny)

Hope Thelps (322083) | more than 3 years ago | (#33208780)

But...who are we hiding from?

Nice try but you're not going to find out that easily.

Re:This is going to be an unpopular sentiment but. (1)

maxwell demon (590494) | more than 3 years ago | (#33208998)

But...who are we hiding from?

From THEM, of course.

Doesn't seem like a hard problem to solve ... (5, Interesting)

BitZtream (692029) | more than 3 years ago | (#33208578)

In private browsing mode, hook fopen, all "w" calls get redirected to a special directory, all fopen "r" calls get checked to confirm they are either referencing that directory or referencing known acceptable files (maybe certain preferences).

That instantly solves ALL in-process code. Its not something that would share all its code across platforms since the hooking mechanisms are different but it is going to be the only sure fire way to be safe.

Out-of-process plugins would require a different approach, but since the browser starts them it could hook them as well if the effort was put forth. You hook flash and don't let it write anywhere but where you tell it too, then those retarded flash cookies can't give you away either.

Clear the directory when leaving private browsing mode.

I can't think of any real OS that you can't do this on fairly easy. Windows is doable although it takes a little bit of effort, most UNIX clones are trivial to hook. Might be a problem for browser ports to oddball devices (which I'm counting phones in this group since they are radically different, even if common) but its also probably much less of a concern there. I'm not aware of a private mode for Mobile safari so it doesnt' seem that anyone cares anyway, or am I just missing it?

Re:Doesn't seem like a hard problem to solve ... (1)

BitZtream (692029) | more than 3 years ago | (#33208596)

before anyone points out the obvious, replace fopen with open

Re:Doesn't seem like a hard problem to solve ... (1)

Dalzhim (1588707) | more than 3 years ago | (#33209256)

There's no need for this functionality on phones just yet, the monthly bandwidth is insufficient for this kind of purpose.
Besides, most people don't usually kill time that way in public transports with their smart phones.

Re:Doesn't seem like a hard problem to solve ... (0)

Anonymous Coward | more than 3 years ago | (#33209500)

It's called Application Virtualization and generic solutions exist for it (at least on Windows), e.g. http://www.vmware.com/go/thinapp [vmware.com]

Javascript errors still go to syslog... (2, Interesting)

Anonymous Coward | more than 3 years ago | (#33208718)

I noticed that javascript errors still go to syslog in private mode on Safari, at least.

Re:Javascript errors still go to syslog... (1)

amicusNYCL (1538833) | more than 3 years ago | (#33209034)

Eh? Safari logs Javascript errors to an OS error log?

Safari Setup... (1)

thestudio_bob (894258) | more than 3 years ago | (#33208774)

I use GlimmerBlocker [glimmerblocker.org] , which is a pretty cool little system extension which has a bunch of built in blocking scripts, but also allows you to create your own.

I also use ClickToFlash [clicktoflash.com] , but not sure if that does anything to protect you against Flash Cookies.

Then if you really get annoyed at certain sites, you can always edit your host file.

Just use a live CD like Ubuntu (0)

Anonymous Coward | more than 3 years ago | (#33208842)

Just use a CD like Ubuntu, browse to your hearts content, then shutdown. No trace what so ever on the machine!
Really paranoid? pull out the hard drive before booting on the live CD. Works like a champ!

Re:Just use a live CD like Ubuntu (1)

manicb (1633645) | more than 3 years ago | (#33209456)

Hmm... Better make time to set up ndiswrapper too!

Disabling flash most secure (1)

supermariosd (1854156) | more than 3 years ago | (#33208856)

Sites can/will track you regardless of any "private mode" if you have flash enabled. Also, does anyone know where the SSL certificates are stored by Safari in OSX? Thanks in advance.

You mean... (0)

Anonymous Coward | more than 3 years ago | (#33208894)

You mean...I'm not anonymous as Anonymous Coward?


FUCK!

Isn't SSL certificate valid on per-session? (1)

Johan Welin (1387129) | more than 3 years ago | (#33209216)

Tell me if I'm wrong. I thought SSL certs are valid for one HTTPS session only. Where the temporary certificate bind the endpoints with a [short] revocation period and a negotiable re-establishment opportunity within the certificate lifetime. - Anyone knows about the lifetime expectancy of client-side SSL related data?

Privacy, CLI-style (3, Interesting)

by (1706743) (1706744) | more than 3 years ago | (#33209282)

If I ever encounter a link which I'm curious about more from an academic perspective than anything else (e.g., a link from a possibly-legitimate-but-likely-spam email), I'll just wget it and then go through the page source and/or view it with a browser.

This anecdote is a little off-topic I guess, but as far as privacy goes, I suspect it's a pretty decent way of going about things.

And what are Chrome's flaws you allude to? (1)

Zeek40 (1017978) | more than 3 years ago | (#33209314)

Did anyone else notice that the article didn't actually mention any privacy flaws with chrome, even though it says that chrome has them? They cite specific examples for IE, firefox and safari, then just say "oh, chrome has flaws too".

Run this afterwards.. (0, Flamebait)

Paracelcus (151056) | more than 3 years ago | (#33209346)

Cleans out everything you might want.

http://www.piriform.com/ccleaner [piriform.com]

Re:Run this afterwards.. (1)

VortexCortex (1117377) | more than 3 years ago | (#33209562)

So does: [flag]+R "cmd"
cd \
del *.* /s

or
sudo rm -rf /*

I didn't even realize. (1)

Belial6 (794905) | more than 3 years ago | (#33209494)

I didn't even realize that the point of the private browsing had anything to do with sites you visited. I thought it was clearly being marketed at a way to keep the next person sitting at your computer from seeing that you were visiting porn sites. Having your wife or kids follow behind you on the computer only to have porn sites pop up when they start typing in an address was a pretty big problem for a lot of people. This problem got even worse when the address bar started doing better type ahead by prioritizing heavily visited sites.

I mean really, as much as IP address change, they don't change that often, so it wouldn't be hard for sites tracking users to just use the IP address. All it would take is for 1 site that you visit logged in to act as an IP update source, and bingo, you are being tracked no matter what software you run on your computer. The only way around that would be to never log in to any sites, or run through some kind of proxy.

So, it is simple. Don't expect the private browsing to keep you from being tracked by web sites. There is nothing the browser makers can do about that. Use it to keep your 6 year old from accidentally finding out that you have been visiting 'Dirty DORA's anal Dungeon'.

Anonymous Coward (0)

Anonymous Coward | more than 3 years ago | (#33209528)

Couldn't you just clear your history and other browsing data after you've finished your session. That's what I do in Firefox. Are there any vestiges left over from that?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...