Private browsing, a relative new feature that allows users to hide their web activities. The modes basically block storage of browsing session data in the browser or the computer’s hard drive. This for instance means that no data is written to the cache or the cookie storage.
Users naturally feel safer using that mode, but that should not be the case. Why? Because there are means to find out which sites have been accessed in private browsing mode.
You see, one feature of the Windows operating system is a DNS cache, that stores domain name and IP links. Without going into to much details, the DNS cache records information about every website that the user opens in a web browser in Windows.
Curious Windows users just need to list the contents of the DNS cache to find out what websites a user has been visiting in private browsing mode. It may require some additional comparisons to find the private browsing mode websites, but that requires just some manual work and can be neglected.
Here is how you can display the contents of the DNS cache:
- Open a command prompt in Windows. The easiest way to do that is to press Windows-R, type cmd and the enter key.
- Now type the command ipconfig /displaydns in the command prompt and hit enter.
- This displays all websites that have been stored in the DNS cache. Please note that this includes everything, which means websites in all web browsers, regardless of whether they have been opened automatically (e.g. by a script on the site) or manually by the user.
Chance is the list is to large for the command line cache. You can use the command ipconfig /displaydns > dns.txt to save the output in the text document dns.txt. It is then possible to open the document in a text editor, to see all records. Opening it in a text editor has other advantages, like being able to search through the records.
Windows offers an option to flush the DNS cache so that all records are deleted from the cache. This is done with the command ipconfig /flushdns.
Some programs (like CCleaner) offer options to delete the DNS Cache. It is also possible to write a simple batch file to delete it on shutdown. Let me know if you like an example script that does that.
Windows users who regularly work in private browsing mode should consider clearing their system’s DNS cache frequently to protect their privacy.
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook or Twitter.Related Articles:
Private Browsing Modes Not So Private After All, Report SaysImprove Firefox Private Browsing With Private Browsing Window Add-on
First Look At Firefox’s Private Browsing Mode
Open Links in Private Browsing Mode In Firefox
Autostart Firefox In Private Browsing Mode
I always do the “ipconfig/flushdns” on command prompt before shutdown :D
That’s like washing your clothes before burning them. DNS cache on Windows is stored only in memory; it does not survive a reboot.
Ross yes that is right. Still, the option is valid for users who leave the computer on for days for example, or leave it on while they are not at home.
What about your earlier posting:
http://www.ghacks.net/2009/01/01/private-browsing-not-so-private-after-all/
FL, yes that is another possibility, if the sites make use of Flash cookies. Private browsing is not really that secure, unless you take good care of the temporary data that gets written to the system.
I use a simpler solution: i disable “DNS client” service completely. The downside of this action is that I give up having a DNS cache (each application that connects to internet is resolving the addresses directly), but I solve some security issues related to DNS resolver.
I just don’t use DNS. Simple as that
Um, any help with retrieval on Linux??