What private browsing reveals about you
This is the third part of a mini series about privacy on the Internet. The other parts are linked below.
Last time we looked at what websites and sites on the Internet know about you when you connect to them. This time we are expanding on that and look at what you may reveal about your device and yourself if you are using private browsing mode.
Private browsing, Google calls this Incognito Mode, blocks information from being recorded locally.
This means that sites you connect to while in private browsing still receive information about you and your device. Your IP address, other information sent during the initial connection process, information that can be retrieved by running scripts or using plugins and also information that you may reveal yourself.
There is also a local DNS cache that will record the sites you visit. It can reveal information to third-parties that have access to the computer locally.
1. Your IP address
Using private browsing mode does not affect remote information. Your IP address for example is used during connections which means that websites and services on the Internet that you connect to see it.
If you connect to our IP script you will notice that it lists your IP address regardless of whether you are browsing normally or in private browsing mode.
The IP address is linked to you. It can be used directly to pinpoint the region you are living in among other things.
Solution
There are several solutions that you can use to hide your IP address. You can use a web proxy server which hides it in the tab you are using, a solution like Tor which provides you with its own browser that you can use to connect to sites or VPNs which you connect to from your local computer.
All share that sites don't see the IP address of the device you are connecting with but the IP address of another server on the Internet.
This won't necessarily anonymize the connection though so keep that in mind.
2. Fingerprinting
Sites that you connect to may retrieve additional information about your computer. The IP address has been mentioned already but it is just one of the many information that browsers reveal when connections are made.
The user agent for example reveals information about the browser that you are using, its version and the operating system.
A test on Panopticlick or reveals additional information. This may include the time zone, screen size, the browser plugins installed, system fonts, supercookie support or HMTL 5 support.
Plugins may reveal additional information that go beyond this.
Fingerprinting itself refers to using these information to create a narrowed down or even unique ID of a system based on the information provided.
Solution
There is not a catch-all solution but you can make it harder for sites to identify your system as a unique device. Plugins can be disabled for example, you may use tools like Chameleon for Chrome or User Agent Switcher for Firefox.
Additional information about methods to protect against fingerprinting are available here.
3. The Windows DNS Cache
Windows keeps a cache of DNS look ups which occur whenever you connect to sites on the Internet. This is done to speed up consecutive look ups.
What's interesting from a private browsing perspective is that it will cache these entries as well. That's right, every site you visit in private browsing mode is recorded by Windows and anyone who knows where to look for the information can look it up.
Here is how to look it up:
- Tap on the Windows key, type cmd.exe and select the result to load it.
- Type ipconfig /displaydns to display all cached entries in the command line window.
- To export the information use ipconfig /displaydns > c:\users\username\dns.txt
- Make sure you replace username with the name of the current user.
The cache records the domain name and other information about the entry. What is not recorded is the path on the site that you have accessed nor date and time when that happened.
Solution
There are two solutions. The first deletes the cache when you run a command, the second disables caching.
To flush the cache, use ipconfig /flushdns on the command line. Some third-party programs such as CCleaner offer that option as well.
To disable caching altogether disable the service DNS Client.
Check out how to flush the DNS cache in Windows for detailed instructions and additional information.
4. Accounts, forms, content production
Accounts are linked directly to you. If you use private browsing mode and sign in to an account on the Internet the site knows that you are the user regardless of private browsing mode.
This may not be an issue depending on the account in question but if you sign in to one that you use regularly as well you reveal the same amount of information than before.
The same can be true for being active on the Internet. If you write a comment on a site you may reveal your email address to that site for example.
Solution
There is no real solution for this. You could keep accounts separate but that works only if you take care of your IP address and other identifying factors as well.
As far as email addresses are concerned, you can use throwaway addresses like Yopmail for those activities.
Now You: Is there anything that we have missed? Feel free to post it in the comments below.
Thanks for listing Yopmail. Any differences between YopMail and Mailinator?
I don’t think so from a user perspective.
Could you please elaborate about #2? :)
Guest I’ll just turn off dnscache before paying bills online from now on, thanks for the Tip Martin. The command prompt can get overwhelming by times and I totally forgot about displaying dnscache, again thanks.
Well you can also run CCleaner or another program to clear the cache regularly.
Note that flushing the DNS cache is temporary; it begins caching again immediately.
Setting to Disabled the DNS Client in the Services Control Panel is a good idea as most folks don’t even need it for teh intuhwebz (being useful mostly for class A and B LANs). I believe there is a GUI utility or two out there where that can be toggled (and flushed) as-needed without having to drill into the control panel.
Chrome and Firefox have their own DNS cache (one of the first things I disable when I install a Mozilla or Chromium browser) and I can’t readily find a definitive source as to whether or not they’re disabled during Incognito/Private mode. Do you know?
Are you sure about Firefox using its own DNS cache? I just checked running a private browsing window, clearing the cache, and then connecting in a private window to sites and they appeared in the Windows DNS Cache.