Privacy mode

Internet Explorer 8 in InPrivate mode

Privacy mode or "private browsing" or "incognito mode"^[1] is a privacy feature in some web browsers to disable browsing history and the web cache. This allows a person to browse the Web without storing local data that could be retrieved at a later date. Privacy mode will also disable the storage of data in cookies and Flash cookies. This privacy protection is only on the local computing device as it is still possible to identify frequented websites by associating the IP address at the web server.^[2]

History

The earliest reference to privacy mode was in May 2005 and used to discuss the privacy features in the Safari browser bundled with Mac OS X Tiger.^[1] The feature has since been adopted in other browsers, and led to popularisation of the term in 2008 by mainstream news outlets and computing websites when discussing beta versions of Internet Explorer 8.^[3]^[4]^[5] However, privacy modes operate as shields because browsers typically do not remove all data from the cache after the session. Plugins, like Silverlight, are able to set cookies that will not be removed after the session. Internet Explorer 8 also contains a feature called InPrivate Subscriptions, an RSS web feed with sites approved for use with InPrivate browsing.^[6]

The common web browser plugin Adobe Flash Player began supporting privacy mode in Chrome, Firefox, Internet Explorer, and Safari with the release of version 10.1 in June 2010.^[7]

Uses

Privacy mode has multiple uses, including:^[8]^[9]^[10]

reducing history, including autofill, browsing, and personal information;
performing "pure searches" that are not influenced by prior browsing history or networks or friends' recommendations, which may weight and more highly rank certain results than others;
preventing accidental saving of log-in credentials to accounts;
signing into multiple accounts simultaneously, via multiple tabs;
testing websites;
preventing other users of the computer from finding one's search history;
preventing potentially embarrassing pornographic links from appearing on suggestions or tabs;^[11]

The Mozilla Foundation performed a study about the user behavior when the feature is switched on and how long the session lasts. The results were that most sessions last only about 10 minutes, though there are periods where activation increases; usually around 11 a.m. to 2 p.m., 5 p.m., between 9 p.m. and 10 p.m., and a minor peak about an hour or two after midnight.^[12]

Support in popular browsers

Privacy mode is known by different names in different browsers.

Date	Browser	Synonym
April 29, 2005 (2005-04-29)	Safari 2.0	Private Browsing
December 11, 2008 (2008-12-11)	Google Chrome 1.0	Incognito
March 19, 2009 (2009-03-19)^[13]	Internet Explorer 8	InPrivate Browsing
June 30, 2009 (2009-06-30)	Mozilla Firefox 3.5^[14]	Private Browsing
March 2, 2010 (2010-03-02)	Opera 10.50^[15]	Private Tab / Private Window
November 18, 2014 (2014-11-18)	Amazon Silk^[16]	Private Browsing
July 29, 2015	Microsoft Edge	InPrivate Browsing

Security

At the year of 2012 Brazilian researchers published the results of a research project ^[17] where they applied forensic techniques (namely the Foremost data carving tool and Strings program) to extract information about the users browsing activities on IE and Firefox browsers with their private mode enabled. They were able to collect enough data to identify pages visited and even partially reconstruct them.

This research was later extended^[18] to include Chrome and Safari browsers. The gathered data proved that browsers private mode implementation are not able to fully hide users browsing activities and that browsers in private mode leave traces of activities in caching structures and files related to the paging process of the operational system.

Another independent security analysis, performed by a group of researchers at Newcastle University in 2014, shows a range of security vulnerabilities in the implementation of the private mode across four major browsers (IE, Firefox, Chrome and Safari).^[19] The results are summarized below.

Browser extensions are potential threats to the user privacy. By design, existing browsers (e.g., Firefox, Safari) commonly choose to enable extensions in the private mode by default. This however allows an installed extension to secretly record the visited websites without the user's awareness. Newer versions of Chrome disable extensions in the private mode by default, but allow the private and the normal modes to run in parallel. This makes it possible for an installed extension in the normal mode to learn the user activities in the private mode by measuring the usage of shared computing resources.
Data erasure by the browser alone is found to be insufficient. For example, the records of visited websites during the private session can be retained in memory for a long time even after the private session is closed. In addition, the visited website records are usually kept by the operating system in the local DNS cache. Furthermore, the modified time stamps of certain profile files saved on the disk may reveal if the private mode was previously turned on and when it was turned on.
Software bugs present in some browsers are found to seriously degrade the security of the private mode. For example, in some earlier versions of Safari, the browser retained private browsing history records if the browser program was not closed normally (e.g., as a result of program crash), or if the user acted to add a bookmark within the private mode.
Depending on whether the session is in the private or the normal mode, web browsers typically exhibit different user interfaces and traffic characteristics. This allows a remote website to tell if the user is currently in the private mode, for example, by checking the color of the hyperlinks or measuring the time of writing cookies. (The fact that the user is using the private mode should be considered protected information as well.)

In 2010, professors at Stanford University found that while Firefox won't record your history during a private browsing session, it still records the sites on which you've installed SSL certificates (which enable secure, encrypted information exchange indicated by the "https" in front of the URL) and allowed specific permissions. If you download an SSL certificate from a website or told that site specifically to stop displaying pop-ups and downloading cookies, all of that information is still stored on Firefox.

In 2015, researchers from Pennsylvania State University found that a considerable amount of extensions on Firefox violated the private browsing policy based on an investigation of the top 2,000 extensions.^[20] Many extensions maintain their own profile folders on the local machine and most of them will not wipe out the browsing data after the private browsing session ends. This violation even happens on some most popular extensions with millions of users on Firefox.

References

1 2 Trapani, Gina (May 4, 2005). "Safari's private (porn) browsing mode". Lifehacker. Retrieved 2010-04-11.
↑ "HTG Explains: How Private Browsing Works and Why It Doesn't Offer Complete Privacy". How-To Geek.
↑ Foley, Mary Jo. "Microsoft to roll out more granular 'porn mode' with IE 8". ZDNet. Retrieved 2008-10-04.
↑ Sadighi, Lalee. "Microsoft's Internet Explorer 8 Goes 'Porn Mode'". Red Herring. Retrieved 2008-10-04.
↑ Kidman, Angus. "Microsoft releases IE8 beta 2: MS porn mode included". APC. Retrieved 2008-10-04.
↑ "IE8 and Privacy". Microsoft Developer Network. Microsoft. 2008-08-25. Retrieved 2009-07-06.
↑ Xu, Jimson; Nguyen, Tom (30 June 2010). "Private browsing in Flash Player 10.1". Adobe Systems. Retrieved 14 January 2011.
↑ Fiol, Taryn (23 October 2012). "7 Great Uses for Your Browser's Private Browsing Mode". Apartment Therapy.
↑ Obaiza, Osas. "5 Great Reasons Why You Should Use Private Browsing Online". Null Byte.
↑ Pash, Adam (25 August 2010). "Nine Great Uses for Private Browsing that Don't Involve Porn". Lifehacker.
↑ Morley, Deborah (2014). Understanding Computers in a Changing Society. p. 211.
↑ Ulmer, Hamilton (23 August 2010). "Understanding Private Browsing". Blog of Metrics. Mozilla Foundation. Retrieved 24 August 2010.
↑ "Microsoft Announces Availability of Internet Explorer 8" (Press release). Microsoft. 19 March 2009. Retrieved 16 December 2011.
↑ "Mozilla Cross-Reference mozilla1.9.1". Mozilla Foundation. Retrieved 2009-05-26.
↑ Mateu, Roberto. "Opera 10.5 pre-alpha for Labs". Opera Software. Retrieved 2009-12-22.
↑ "Private Browsing for Amazon Silk". Amazon Inc. Retrieved 2014-11-18.
↑ R. Ruiz, F. P. Amatte, K. J. B. Park, Tornando Pública a Navegação “In Private”. Proceedings of the Seventh International Conference on Forensic Computer Science – ICoFCS 2012, Available online Sep 2012.
↑ R. Ruiz, F. P. Amatte, K. J. B. Park, Opening the “Private Browsing” Data – Acquiring Evidence of Browsing Activities. Proceedings of the International Conference on Information Security and Cyber Forensics (InfoSec2014), Available online Oct 2014.
↑ K. Satvat, M. Forshaw, F. Hao, E. Toreini, On the privacy of private browsing – A forensic approach. Journal of Information Security and Applications, In Press, Available online 3 April 2014.
↑ B. Zhao, P. Liu, Private Browsing Mode Not Really That Private: Dealing with Privacy Breaches Caused by Browser Extensions. In Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2015), Rio de Janeiro, Brazil, Available online June 2015.

External links

Mozilla Specification for Private Browsing

Web browsers

Features	Ad filtering Augmented browsing Bookmarks Bookmarklet Live bookmark Smart Bookmarks Browser extension Browser security Browser synchronizer comparison Cookies Download manager Favicon Incremental search Plug-in Privacy mode Tabs Universal Edit Button

Web standards	Acid tests Cascading Style Sheets HTML HTML5 JavaScript MathML OCSP SVG WebGL XHTML

Related topics	BrowserChoice.eu CRL HTTP HTTPS iLoo Internet suite Man-in-the-browser Mobile Web Offline reader PAC Pwn2Own Rich Internet application Site-specific browser SPDY SSL/TLS WebSocket Widget World Wide Web WPAD XML

Desktop

Blink-based	Chromium Brave Chrome Dragon Opera Sleipnir Slimjet SRWare Iron UC Browser Vivaldi Yandex.Browser Sputnik

WebKit-based	Arora Avant Dooble Epic Flock Fluid iCab Konqueror Lunascape Maxthon Midori OmniWeb Origyn Web Browser Otter Browser QtWeb QupZilla rekonq Safari Shiira SlimBoat surf Torch Uzbl Web WebPositive xombrero

Trident-based	AOL Explorer Avant Deepnet Explorer GreenBrowser Internet Explorer Lunascape Maxthon MediaBrowser MenuBox NeoPlanet NetCaptor SlimBrowser SpaceTime UltraBrowser WebbIE ZAC Browser

Gecko-based	AT&T Pogo Avant Camino Firefox Conkeror GNU IceCat IceDragon Swiftfox Swiftweasel TenFourFox Timberwolf Tor Browser Waterfox xB Browser Galeon Ghostzilla K-Meleon Kazehakase Kirix Strata Lotus Symphony Lunascape Mozilla Beonex Communicator Classilla Netscape SeaMonkey

Text-based	ELinks Emacs/W3 Line Mode Browser Links Lynx w3m

Other	abaco Amaya Arachne Arena Charon Dillo eww Gazelle HotJava IBM Home Page Reader IBrowse KidZui Microsoft Edge Mosaic Mothra NetPositive NetSurf Pale Moon

Mobile

Blink-based	Android Browser Chromium Brave Chrome Opera Mobile Silk

WebKit-based	BOLT Dolphin Browser Firefox for iOS Maxthon Mercury Browser Nokia Browser for Symbian Rockmelt Safari Steel

Trident-based	Maxthon

Gecko-based	Firefox for Android MicroB Minimo

Presto-based	Opera Mini

Other	Blazer CM Browser Deepfish ibisBrowser Internet Explorer Mobile Iris Browser Konqueror Embedded Microsoft Edge NetFront Nokia Xpress Skweezer Skyfire Teashark ThunderHawk UC Browser Vision WinWAP

Television and video game console

WebKit-based	Google TV Nintendo 3DS Internet Browser Nintendo DS & DSi Browser NetFront Steam Overlay Wii U Internet Browser

Gecko-based	Kylo

Presto-based	Internet Channel

Other	MSN TV

Software no longer in development shown in italics

Category
Commons
Internet portal
Software portal

This article is issued from Wikipedia - version of the 11/9/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.