Private browsing tools still leave data trail

Internet Explorer, Firefox, Chrome and Safari all have holes that could let a local attacker view data about a user's browsing activity, according to researchers
Written by Tom Espiner, Contributor

The private browsing features in Internet Explorer, Firefox, Chrome and Safari are not as protective as they promise to be, according to new research.

Privacy modes are designed to protect a browser user from having their online activity tracked by websites or by other people who use the browser on the same computer. However, the way the features are set up means that traces of data can still be found even when the tools are used, according to researchers from Stanford and Carnegie Mellon universities.

The team developed methods to test browser privacy and gave details as to how they pieced together browsing histories. They focused on people with access to the PC after the browsing session, calling these people 'local attackers' in a paper that is due to be presented at the Usenix security conference (PDF) on Wednesday.

Local attackers can access the DNS resolution history in a cache on a machine that uses the latest versions of Internet Explorer (IE), Firefox, Chrome and Safari, enabling the intruder to reconstruct if and when a user visited a website, according to the researchers.

In addition, operating systems swap out browser memory pages during private and non-private browsing sessions, leaving traces of both types of sessions, they said. Other points of entry are browser add-ons (such as plug-ins) and extensions, which leave traces on the hard disk.

"The developers of these add-ons may not have considered private browsing mode while designing their software, and their source code is not subject to the same rigorous scrutiny that browsers are subjected to," the researchers said in the paper.

Whitelists — a list of sites a browser can visit — added in private mode are added to disk, said the researchers, leaving a trail that can be read. URL mapping, which is written to disk, gives instructions for how the browser to behave on a specific sites and can also be used to trace the user's activity.

The researchers suggested a number of server-side solutions to the problem. For example, browsers could consult a block list of sites that should not be visited while in private-browsing mode, they said.

In addition, sites could display a policy statement saying that they would not violate private browsing. Alternatively, sites could post a seal that guarantees that any private browsing would not leave traces of data.

The team looked at IE InPrivate, Firefox Private Browsing, Safari Private Browsing and Chrome Incognito. In terms of usage, the researchers found that private browsing was more popular for use on adult websites than on gift shopping sites and news sites.

"This observation suggests that some browser vendors may be mischaracterising the primary use of the feature when they describe it as a tool for buying surprise gifts," said the researchers.

Editorial standards