Private Browsing Modes Not So Private After All, Report Says
Cnet's Seth Rosenblatt published a story about privacy risks in private browsing modes of modern web browsers today.
He summarized the findings of a soon-to-be published report of researchers at Stanford University's Computer Science Security Lab. The researchers analyzed the private browsing modes of Google Chrome, Mozilla Firefox, Microsoft Internet Explorer and Apple Safari and came to the conclusion that the modes are not as private as many users think they are.
First problem, the report is not online yet. Cnet linked to an old report that contained limited information on the subject, as it was published in August 2009. Only an abstract of the new report is available on the USENIX website.
We study the security and privacy of private browsing modes recently added to all major browsers. We first propose a clean definition of the goals of private browsing and survey its implementation in different browsers. We conduct a measurement study to determine how often it is used and on what categories of sites. Our results suggest that private browsing is used differently from how it is marketed. We then describe an automated technique for testing the security of private browsing modes and report on a few weaknesses found in the Firefox browser. Finally, we show that many popular browser extensions and plugins undermine the security of private browsing. We propose and experiment with a workable policy that lets users safely run extensions in private browsing mode.
So, what are the findings of the report according to Seth? The private browsing modes of Firefox, Google Chrome, Internet Explorer and Safari are not necessarily as private as developers claim.
Why is that? Because add-ons may undermine the mode. While the browsers do not store data in private browsing mode, add-ons or extensions may very well do so. There are simply no control mechanisms yet to prevent them from doing so.
But that's something that Mozilla has already recognized in February, 2010.
But even if add-ons record activity it may not mean that privacy is compromised. That largely depends on the data that is stored and how it is stored and made accessible in the browser.
Another consideration is that Google Chrome for instance, disables all extensions by default, but gives the user the controls to enable them in private browsing mode.
Lastly, the study did not include the Opera web browser which it should have. What does this all mean for users who use the private browsing mode? That depends: first on the add-ons that they use, and if some store records of private browsing sessions, and second on the dedication and technical knowledge of users who want to spy on someone's web browsing sessions.
Browser developers like Mozilla should consider adding a no-extensions policy to the private browsing mode of Firefox, to prevent data leaks in the mode. A more sophisticated solution, like only enabling extensions that are known not to record data in private browsing mode, should be the ultimate goal though.Advertisement
Don’t chrome-addons need permission to run in incognito mode? Which is opt-out by default?
I’m sorry, I misread the article.
i’m a rss follower, first time i’m visiting this site in a long time.
You are one of the few people on a influential website that acknowledges the Opera browser as a viable alternative. I wanted to thank you for that.
Ocanic, thanks for the words. I really like Opera, and would switch immediately if it would support Last Pass (or a comparable service with imports) and NoScript. I always have it installed and like its speed and customizability. That, and the fact that they have been the underdogs for so many years, which just seems unfair considering the quality of their product.
By that statement you just got a new regular reader.
Then welcome aboard Sujit ;)
So for now Opera have a really full private browsing, according Opera Software Widgets (no extensions) are fully sand-boxed.
Opera basically behaves like the other web browsers without add-ons, even though I would like to know if widgets cannot record or store data when the browser is used in private browsing mode. Would also like to know if other services, like turbo or unite may interfere with the mode.
@Martin: Opera,Widgets are have NO access whatsoever to the tabs, history, …. therefore they can not record or leak any such data.
Unite is also completely isolated from the rest of the browser. It’s only effected the Unite services which are essentially widgets with no floating UI but a background process which can respond to HTTP connections.
Mathieu, thanks so much for clarifying this, I was always wondering about that. I do know that Opera has similar capabilities what NoScript offers, I think it does not offer what I’m looking for. I’m looking for something that blocks scripts completely on my first visit, and lets me decide which to activate.
Okay, you can’t really cherry pick exactly which scripts you want but the ones you don’t want certainly belong in you Content Blocker list anyways ;)