There’s no shame in firing up a private browsing window from time to time. Whether it’s to visit a NSFW website or to protect your personal information like your email on a public computer. But while private browsing modes do their best to erase your tracks, they can also leave digital clues behind.
HOW? LETS SEE BELOW
The virtue of a feature like Chrome’s Incognito Mode, of course, is that whoever uses that computer after you shouldn’t be able to see the sites you’ve visited, because the browser doesn’t record your history. But traces of your browsing can still remain on your computer after you’ve closed that Incognito window. A phenomenon that can happen in a couple different ways, says Frank Wang, a computer science doctoral candidate at MIT.
One vulnerability has to do with something called a domain name service (or DNS) request. When a browser connects to a website—say, gadgetnasha.com it needs to translate those letters into numbers, and that process can leave footprints in your operating system, Wang says, in a place called the DNS cache. If a person got access to your machine, hecould exploit this vulnerability to figure out what sites you’ve visited. “It’s not very hard actually,” he says.
That’s because just closing your browser after private browsing doesn’t clear that cache, he notes. “The browser doesn’t have enough privilege or access to do that,” Wang says.
BROWSER STORES YOUR DATA IN YOUR HDD AND THAT MAY NOT BE DELETED WHICH IS A HUGE PROBLEM WHEN YOU ARE BROWSING PRIVATELY.
Another vulnerability is that your operating system could write information to your hard drive while you’re browsing in private mode to help manage memory efficiently. That happens, Wang says, when your machine starts running out of memory. The result is that HTML code from the sites you were visiting could wind up on your hard drive, which the browser would not delete later. The issue in both of these cases is that your browser doesn’t have access to these parts of the operating system to clean up after itself. Chrome doesn’t have control over how Windows works, or how my macOS X works. Would you necessarily want to give an application that kind of control?
So Wang is proposing a new system, called Veil, that would address these problems. The idea is that instead of going straight to the website you want to visit, or even launching an Incognito window. You could first navigate to a special Veil website, and then access the other sites you wanted to visit through that one. From there, the system “sends a request to what we call ‘blinding servers”, Wang says.
USE BLINDING SERVERS
The service is currently theoretical, but it would mean that your internet service provider wouldn’t know what website you’re actually visiting—it would only see the connection to the blinding server, which hosts the actual content. The idea, which also makes use of encryption, has additional appeal because it means not using a Google-made service to shield your browsing history. “We don’t want to rely on Chrome for private browsing,” he says.
Hana Habib, a doctoral student in the societal computing program at Carnegie Mellon University, points out another potential flaw in the way private browsing works: If a browser crashes in the middle of a private session, that could interrupt a process that some browsers use in which they only delete information after the session has been properly closed, she says. A way that the private browsing feature could be improved: a “time-out function” to auto-close a window that was accidentally left open, just like the way your bank logs you out if you haven’t been active in that tab for a while.
EVEN AFTER PRIVATE BROWSING YOUR ISP KNOWS EVERY THING ABOUT WHAT YOU BROWSE.
Don’t forget that with private browsing, your internet service provider still knows what sites you’ve connected to. If you’re using a machine at work your employer will know what sites you visited.
But even though private browsing isn’t perfect, it all depends on what your goal for using it is. “A lot of people use private browsing to hide their activity from other people who might use their computer later”. “And for that, private browsing does a pretty good job of protecting users against that particular threat.”