Browser Private Modes Not So Private After All

CWmike writes "Browsing in 'private mode" isn't as private as users think, reports Gregg Keizer. 'There are some traces left behind [by all browsers] that could reveal some of the sites that you've been to,' said researcher Collin Jackson. He, along with three colleagues, will present their findings on Tuesday at the Usenix Security Symposium in DC. IE, Firefox and Safari, for instance, leave traces of SSL encryption keys even when run in private mode, while IE and Safari on Windows preserve self-signed SSL certificates in a 'vault' file that could be read by others to track the browser's path. Firefox also retains evidence of some certificates. Private mode has also been billed as a way for users to hide themselves from the prying eyes of sites that try to track habits and histories. Jackson said most users see that as the biggest attraction to private mode. 'Some browsers do a better job of protecting you from other types of scenarios, such as Web site tracking,' Jackson said. 'Safari is very much more willing to reveal you to Web sites than the others.'"

Opera

[AnonGCB]

Opera wasn't included, but I'm very curious as to how good their private mode is.

Don't forget about flash

[DeHackEd]

Flash cookies, or even any temp files left behind by video playback. I've heard it happen. See if anything was left in your Temp directory matching "Flash*" and play it back as .flv or .mp4. Very incriminating evidence

Encrypt It.

[Anonymous Coward]

Maybe I'm paranoid, but this is why I simply use a portable version of Firefox with a profile stored in a TrueCrypt volume.

Re:You need all of your files on a ramdisk

[vux984]

When I want to browse in high security / high privacy I use a virtual machine and delete all changes when shutting it down. (ie so the vm is in precisely the same state it was in when i turned it on.) This also gives me some reasonably good protection from viruses/malware/ and other crud, since unless it manages to break out of the VM, it goes away when I shut the VM down.

Doesn't seem like a hard problem to solve ...

[BitZtream]

In private browsing mode, hook fopen, all "w" calls get redirected to a special directory, all fopen "r" calls get checked to confirm they are either referencing that directory or referencing known acceptable files (maybe certain preferences).

That instantly solves ALL in-process code. Its not something that would share all its code across platforms since the hooking mechanisms are different but it is going to be the only sure fire way to be safe.

Out-of-process plugins would require a different approach, but since the browser starts them it could hook them as well if the effort was put forth. You hook flash and don't let it write anywhere but where you tell it too, then those retarded flash cookies can't give you away either.

Clear the directory when leaving private browsing mode.

I can't think of any real OS that you can't do this on fairly easy. Windows is doable although it takes a little bit of effort, most UNIX clones are trivial to hook. Might be a problem for browser ports to oddball devices (which I'm counting phones in this group since they are radically different, even if common) but its also probably much less of a concern there. I'm not aware of a private mode for Mobile safari so it doesnt' seem that anyone cares anyway, or am I just missing it?

Re:Biggest Attraction

[jdgeorge]

"Jackson said most users see that as the biggest attraction to private mode."

Nonsense. The biggest attraction of private mode is that hotteennymphosexkittens.com doesn't show up in the suggestions when someone borrows your computer to check Hotmail.

If you want real privacy you shouldn't be trusting a web browser privacy mode.

Good point, but I thought the attraction was so web sites can't sniff your browsing history. [mozilla.com]

Javascript errors still go to syslog...

[Anonymous Coward]

I noticed that javascript errors still go to syslog in private mode on Safari, at least.

Re:Flash cookies remain too

[hvm2hvm]

I use a virtual machine and I restore the previous snapshot after each browsing session, beat that!

Privacy, CLI-style

[by (1706743)]

If I ever encounter a link which I'm curious about more from an academic perspective than anything else (e.g., a link from a possibly-legitimate-but-likely-spam email), I'll just wget it and then go through the page source and/or view it with a browser.

This anecdote is a little off-topic I guess, but as far as privacy goes, I suspect it's a pretty decent way of going about things.

Re:Flash cookies remain too

[robi2106]

What a rookie..... you left IP address traces on the gateway logs of your ISP. better nuke your ISP from orbit just to be safe.

Re:Opera

[ReederDa]

I'd like to know how Chrome is rated with this.