Safari 4's Messy Trail 200
Signum Ignitum writes "Safari 4 comes with a slew of cool new features, but extensive data generation combined with poor cleanup make for a data trail that's a privacy nightmare. Hidden files with screenshots of your history, files that point back to Web pages you've visited and cleared from your history, and thousands of XML files that track the changes in the pages in your Top Sites can add up to gigabytes of information you didn't know was kept about you." Some of Safari's bloat is kept in quite obscure locations; it takes a fairly knowledgeable user to find it and clean it up. You can avoid some of the worst of it by disabling Top Sites.
Re:Advert co-incidence (Score:1, Informative)
haha
I've some "StopZilla anti-spyware" spam, myself
man, Slashdot looks like shit with Adblock disabled
Re:Safari does clean up after itself. (Score:4, Informative)
before: 737M -Caches-
after: 571M -Caches-
This is seriously fucked up.
Reset Safari (Score:3, Informative)
Re:Safari does clean up after itself. (Score:2, Informative)
That is a bit of contradiction there, you say that and in the next sentence you claim you need to press the "Empty Cache" button. That means unless somebody figures out how to flush the stuff Safari is happily recording you.
I can't see that option in the Windows version (beta), there is a preference to limit the size of the database, but not a clean up link in the menu.
Re:Oh expoitable (Score:5, Informative)
The real scary part of this for me is not the government, more on that in a sec, but your girlfriend/boyfriend/housemate. Anyone who feels like he/she wants to do some snooping now has a treasure chest of stuff to take out of context.
They've always had this. It's called "History" and "Temporary Internet Files". The only difference here is Safari has added screenshots.
If you're that worried, you can enter Private Browsing mode, you can selectively clear out parts of your history (and cache and screenshots), entirely clear out all of the above (including cookies), or just turn the feature off in the first place.
Re:Safari does clean up after itself. (Score:5, Informative)
/var/folders is generally folder for storing possibly sensitive data of ANY application. I don't know the exact reason of why some files are cached there and some in ordinary caches folder but I mean it is NOT just Safari cache. There could be caches of anything, any program.
It could be decided like ''If a program binary is signed and it connects to net'' by core OS itself. Again, it is just a very rough guess.
Did you really expect 700+ MB of Cache from a browser? It indeed cleaned its Cache and didn't touch other applications files. /var/folders is just randomized (sandboxed in future?) temp dir. Nothing exclusive to Safari or any other program.
It's Beta Software! (Score:3, Informative)
First of all this is a beta product that isn't shipping on anything and while it's trendy to think beta software is fully functional (Thanks Google) with Apple, beta generally means, "really this isn't finished, there's still stuff that's messed up here." (In fact this would apply to most Apple .00 products as well, which is fine since historically .1 or .01 is rolls a few weeks after the initial release.) In other words, stuff like this is to be expected.
Second, Safari has for the longest time provided this very nifty "Private Browsing" which will eliminate all of these issues.
Finally, if you dig in the preferences you can turn a bunch of this stuff off if it bothers you so much. Still feed the fire of Mac hate... whatever.
Re:Advert co-incidence (Score:2, Informative)
The Internet looks like shit with Adblock disabled
FTFY
Re:Mac abstraction affects the non-savvy... (Score:4, Informative)
Sorry, the menu item is "Safari -> Reset Safari..." where the option is to "Remove all webpage preview images".
Blogger with no idea! (Score:1, Informative)
Guy doesn't know what he is talking about. If you do some small investigation, you'll find that these are the previews for coverflow History. Deleting the history items deletes the previews. Also, using the 'Privacy' function in Safari does not store these previews. Thus snooping relatives won't find the porn you've been browsing all day for.
Re:beta software (Score:5, Informative)
Would anyone care to look at the permissions on the -Caches- folder in question? I know, it'll make it harder to spout hyperbole about security, but it could be instructional I think:
MacBook-Pro:1tUM+kJcGEqwqSH2bBdLR++++TI jim$ pwd
/var/folders/1t/1tUM+kJcGEqwqSH2bBdLR++++TI
MacBook-Pro:1tUM+kJcGEqwqSH2bBdLR++++TI jim$ ls -l
total 0
drwx------ 92 jim staff 3128 12 May 20:53 -Caches-
drwx------ 13 jim staff 442 23 May 20:12 -Tmp-
As you can see, the permissions on the -Caches- folder mean it's only readable by the owner, namely the current user. So it has the same protections as something inside the user's home folder. Also, by benefit of being in /var/folders/xxxx/-Caches- the operating system can clean this out more or less upon a whim-- this is, after all, the purpose of temporary folders and caches.
let me get this straight (Score:4, Informative)
The whole commotion is that temporary files are stored under per user only readable subdirs of /var instead of under ~/Library? I don't know about you but my home dir is mounted from a server. That seems a whole lot more secure (and efficient) to put that in a place more or less guaranteed to be local and not exported. It seems to me some people just have to learn about another place temporary data can appear. Also where it is makes it really easy to just rm -rf all of it when they want to.
Re:At least it is not windows temp (Score:4, Informative)
Re:Advert co-incidence (Score:2, Informative)
Not any more. If you're a good boy, you get to disable ads on
Re:Safari does clean up after itself. (Score:4, Informative)
I would do it in single user mode (Apple key+S on boot). What people (and that blog) doesn't understand is, that structure doesn't only carry Safari caches. There are some system caches, font caches and caches of OTHER users there.
Also they didn't even bother to check the new method of Safari (and other webkit) cache creation. They now create the file in a reasonable (64MB here) size and fill it with zeros.It is a flat file, I guess one of the reasons is to prevent fragmentation.
Safari does a good job cleaning it. The reason is ''force quit'' and similar. If it loses track of its own file, it (in fact, OS) re-creates in another random dir and they all add up.
Re:Mac abstraction affects the non-savvy... (Score:3, Informative)
It is not Safari writing the files there, it is the OS which redirects the files. Safari doesn't say ''let me create a weird dir to write my files'', it is OS which says ''Let me put Safari's caches to a weird place so it won't be easy to hack it and steal its caches''