Tuesday, August 10, 2010

Private Browsing: Not so private after all.

Firefox private browsing UI

Image by Vurter via Flickr

In an article published this morning over at ZDNet, by Tom Espiner, it appears that clicking on that Private Browsing mode in your Internet Explorer, Firefox, Google Chrome or Safari may not be all that private after all. 

The private browsing features in Internet Explorer, Firefox, Chrome and Safari are not as protective as they promise to be, according to new research.

Privacy modes are designed to protect a browser user from having their online activity tracked by websites or by other people who use the browser on the same computer. However, the way the features are set up means that traces of data can still be found even when the tools are used, according to researchers from Stanford and Carnegie Mellon universities.

The team developed methods to test browser privacy and gave details as to how they pieced together browsing histories. They focused on people with access to the PC after the browsing session, calling these people 'local attackers' in a paper that is due to be presented at the Usenix security conference (PDF) on Wednesday.

Local attackers can access the DNS resolution history in a cache on a machine that uses the latest versions of Internet Explorer (IE), Firefox, Chrome and Safari, enabling the intruder to reconstruct if and when a user visited a website, according to the researchers.

In addition, operating systems swap out browser memory pages during private and non-private browsing sessions, leaving traces of both types of sessions, they said. Other points of entry are browser add-ons (such as plug-ins) and extensions, which leave traces on the hard disk.”

Here is a link to the full article over at ZDNet.Co.UK

No comments:

Post a Comment

I have moderated my comments due to spam.