Features in the four major browsers designed to cloak users' browser history often don't work as billed, according to a research paper that warns that users may get a false sense of security when using the built-in privacy settings. The private-browsing modes are supposed to allow users to visit a website without leaving any …
Watch the IE8 ad where the chap is buying his wife a "gift"
and imagine instead that he's looking for smut: it's almost amusing.
Anyway, a better way to keep people from snooping your history is for everyone to have their own accounts in which they can do as they please. I also make use of Mac OS X's Guest Account when someone wants to, for instance, quickly check their email: as soon as they're done, all tracks are erased.
And the gift was...
A rubber gimp outfit and enema bag accessory.
Re: Watch the IE8 ad where the chap is buying his wife a "gift" → #
> and imagine instead that he's looking for smut: it's almost amusing.
Isn't that the point of the advert?
I.e. a the minds of all the husbands watching suddenly get transfixed thinking of pron, and the wives' get transfixed thinking of presents.
Another good use of funds
"The researchers said that to the best of their knowledge they are the first to demonstrate a way to detect private browsing mode"
A good waste of cash if you ask me.
Don't forget "flash cookies"!
The complete solution, and it protects you against malicious script.
I reccomend very highly!
Oh, did I mention it's free...
I was rather amused at the Internet Explorer ad going on about "buying a present for the wife" when everyone knows that 95% of the time it's going to be used for hiding porn browsing and/or dating sites, 5% for shopping for "surprise" presents for the SO.
5%, yeah right ;-)
"when IE and Safari encounter a self-signed certificate, it is stored in a certificate vault that is preserved even after the private session ends."
Like the donkey porn sites you dont want your wife to see have self signed certificates!
Erm, i am not talking about my wife... it's a mate's wife, yes that's it, a mate, not me, nosireebob.
So...you don't want your *mate's* wife to see that you've been browsing donkey porn but you're OK with your own wife knowing the explanation for your sticky keyboard...hmmm...
Just a shot in the dark but I suspect the inadequacies of private browsing may be the least of your problems!
Mines the one with the dark glasses and wet-wipes in the pocket...
Who said anything about a sticky keyboard? Have you not heard of cling film?
My mates say E-aww E-aww E-always uses it!
I've had bad experiences with Safari for Mac
I always update to the latest version. So often, when i've reset the browser and emptied the cache, I visit a website to find I am still logged in.
I'm seeking a browser that works 100% in this regard.
So, Opera does not suffer from this problem, or was it not even tested?
Not even tested
But only because no one cares about Opera.
Private modes often fail?
People using these private modes aren't bothered about forensic details like this. They're probably trying to avoid snooping parents/spouses rather than the federalis. With that in mind, private mode gets the job done.
Pr0n modes are used just for that. Not for serious privacy concerns. It's to stop the only marginally tech-savvy wives from seeing which fetish you are into and which goats you are interested in meeting.
Apparently. According to friends.
I'm guessing no matter how private a browser claims to be, the contents of a site is sitting in memory, which means windows may decide to write it to the page file, which means a forensic trace anyway.
Did they test Opera?
As it's tab-based Private Tab is by far the best implementation of Private browsing, where you can have private and non-private tabs.
So long as you remember which tab is which
and don't reuse a regular tab for a search you wanted to keep private.
Yeah... be careful!
I actually use Chromium (not Chrome) for private browsing and nothing else. Since I use Opera for regular browsing, don't want to get things mixed up...
The obvious question
So Opera is ok? Or they never checked?
Re: The obvious question
A quick search of the linked pdf suggests they didn't bother trying Opera at all.
install at least three [free] track eraser programs and have them either run on a schedule or at start up. CCleaner is a good place to start; there are others. And of course there is manual delete too but that's so 20th century.
Don't work as advertised. Had to do a disk recovery once on a work colleague's computer and it's amazing what they leave behind...
I notified him that it would be prudent to stop, and that the boss considered evidence eliminators a grounds for firing anyway.
If you want to hide what you've been up to
Get a knoppix boot CD. No log files, no cache, no nothing.
Surely a user's browsing history is hidden behind their login password anyway?
(Unless they're in /etc/sudoers, in which case all bets are off.)
find a wife that is into donkey porn as well....
What a load of fail...
Modern computers can boot from all sorts of odd little things, like SD cards and the like.
Modern operating systems, such as Ubuntu, can be installed on such, with "persistence" so stuff like wifi keys and passwords won't be forgotten each time.
Thus, if you want a true "private mode" for all your sick desires, boot up from SD card, browse, get your yayas and then restart back in Windows with the SD card safely in your pocket. That ought to be pretty spouse/parent-proof, and if questions get asked, it's a doddle to "format" these things in a digital camera.
This is, I should point out, not something I have a need to do, but come on guys - we're supposed to be smarter than the average grockle, we ought to have ways and means that are somewhat more foolproof than "Private mode"...
Which brings about the...
Is that an SD card in your pocket or are you just happy to see me?
But does it...
pass the latest MAC address tracking breakthrough? Your system will give up the MAC address of its gateway router for intensely delicious geolocation.
Boot from the SD? Why not just use virtual machine, no need to reboot the main operating system.
Why not use a virtual machine...?
My main computer is an eeePC 901 which is just fine for normal use, but if you start trying anything funny (like an operating system within an operating system), it will struggle. Not so much with lack of processor power, but there's only so much you can do with 1Gb RAM and no swapfile.
Secondly, wouldn't a virtual machine risk leaving bits behind on the host's harddisc? Bits in fragmented files and such?
Nah, I think it would be quicker, safer, and more secure to run a completely different OS from an SD card. There doesn't need to be any evidence of this in the main system (in other words, no VM software), you just pop it in and boot from it. When you're done, shutdown and eject it.
Virtual machine anyone?
Would it not be just as easy to start a virtual machine under something like Sun VirtualBox, do your "essential" surfing then destroy the machine in its entirety afterwards? By "in its entirety", I mean blat it from the config, any virtual disks, etc.
Just floating that one out there as it's what I do and have thought it to be pretty secure. Although, currently downloading "Sandboxie" to give that a try. Nice one "Anonymous Coward - Don't forget "flash cookies"! #"
Put one and one together.
Use a virtual machine system, but keep the virtual hard drive and so on on removable media (if you're extra paranoid, TrueCrypt it or something). The session cannot be loaded without the thing mounted, and once it's removed, who's to know it was even there?
Flash is the worst.
It keeps a history of every "gift" site you may have looked at:
Why would they do that?
Those settings so your movies display, your sound level is where you want it to be, where you were in the audio stream, your game score. You do know that information has to be stored somewhere, don't you?
Another idea ?
On UNIX one could set up a special user account and arrange the browser to run in the context of that while sharing the X-session (= rw group permissions for .xauthority, group = special user's group) with the real user.After a session the dedicated account's home directory would be wiped and restored into a default state (for default browsers settings and such) from an archive.
Or, if using Firefox, you could just have a shortcut handy to start it with -ProfileManager, then create a fresh profile to use each time you want to do some private browsing, and delete it on next startup in this manner (or manually rm -rf the folder).
I do just this to be sure of nothing logging what I do when using web banking, or indeed if I simply want to test if some browsing problem is related to my normal profile, so use a blank profile with no addons etc.
I know chrome can be told to use a specific folder for its profile too, but it doesn't have the nice front-end profile manager that 'firefox -ProfileManager' gives you.
Whenever I read an article like this one where researchers are discovering vulnerabilities in browsers, I think to myself, "They filed the bugs for these, right?" I mean, if they really think they're doing valuable research, they'd try to fix problems they found, right?
wtf are you on about? -these people are not the browser's developers, and more to the point, this is not a vulnerability. unless you count your wife as a security threat i guess.
... my wife is a security threat to the life expectancy of anything electronic the house.
The wonders of eCommerce
"Watch the IE8 ad where the chap is buying his wife a "gift" and imagine instead that he's looking for smut: it's almost amusing."
Could, of course, be a smutty gift he's buying for her. They even have those advertised in the back pages of The Grauniad 'Weekend' magazine on Saturdays, so that must be OK, surely....
Now remind me; which wedding anniversary is 'Latex'?
All of them, if you play your cards right.
Just stick your firefox profile on a ramdisk. On Linux that's as simple as symlinking to or mouting a tmpfs at ~/.mozilla
mount -t tmpfs tmpfs ~user/.mozilla
This has the added advantage that the old .mozilla will reappear as soon as you unmount it.
For the truly paranoid, you could create a new user with their entire home directory on tmpfs, which gets created fresh whenever they log in, just incase something like flash writes to its own directory.
You can even use the sux program to run firefox (or any other browser) as that user without logging out of your own account or closing your non-private browsing session.
Firefox on Windows 7
in private browsing mode will still save a list of saved items to the 'recent' section of the Firefox icon's jump list.
Firefox may say you're in a private browsing session but it will still rat you out to Windows Explorer (who, as everyone knows is a loose lipped gossip & loose legged whore of the first order).
Your browser will ruin your life in ten seconds
No problems with Opera then. Well especially if you turn on 10.60's on-demand plugins in "opera:config" user prefs section. With shipping webm support you don't need flash to get your porn on.
I only use the feature for banking.
I said BANKING, you letcherous b*astards ;-)
My missus, who doesn't understand the feature, just watches pr0n inhibited. She finds better sites than me, FFS!
Nice that when she's gone to work I get a chance to check her machine out...for essential upgrades, natch...
if you're smut-despising other half is semi clued-up, to issue ipconfig /flushdns too.
U3 USB sticks.
What about running a browser on one? Aren't they supposed to leave nothing behind on the PC?
I use it for checking www.scrabblesolver.net on a laptop I occasionally share with my significant other. I'd hate her to know that, not only is she better than me , but cheating isn't helping.
My pr0n gets checked on an entirely differenct laptop.