So IOW, how do you ensure privacy when (a) even metadata is useful, (b) mail doesn't work without an address (metadata), and (c) you can't trust the mailman (Trent can be doubled)?
Private browsing isn't: Boffins say smut-mode can't hide your tracks
A group of boffins working at MIT's Computer Science and Artificial Intelligence Laboratory believe that “private” browsing modes aren't private, so have given developers a framework to fix it. The problem, wrote Frank Wang with his thesis advisors (Nickolai Zeldovich and luminary James Micken), is that even if you're using “ …
COMMENTS
-
-
-
Monday 26th February 2018 15:27 GMT rh587
Re: A pretty high bar
I'll be astonished if it becomes widely used by any generation. Requires website to actively forego information, just to "protect" user privacy (from whom, exactly?) I find it hard to think of any business case for that.
Women's Aid.
Opposition political sites in certain nations.
I can think of a few cases where you want to be absolutely certain that you're not leaving any traces in the user's machine.
The second case is perhaps less strong since activists would want to be using TOR or a VPN, ideally from a TAILS install or non-persistent VM since they need to hide at a network level. In the former case though, making sure there's no risk of leaving a "Women's Aid" logo in the browser cache is a very sound shout.
-
Monday 26th February 2018 20:17 GMT Anonymous Coward
Re: A pretty high bar
> just to "protect" user privacy (from whom, exactly?) I find it hard to think of any business case for that.
Ours is that negligence in protecting personal data would hardly boost our clients' confidence in our ability to maintain their highly sensitive industrial secrets confidential.
-
-
Monday 26th February 2018 08:52 GMT David Shaw
Re: Putin's hackers!
@PM, evidence here agree with you partially, 30 retired spies have been recently arrested for a multi-million dollar attack on oposition parties, opposition figureheads and just celebs who held the wrong opinion. Sadly lacks a link to Vlad.
http://english.yonhapnews.co.kr/national/2018/02/26/0301000000AEN20180226007600315.html
massive illegal political maneuver led by the state spy agency
reminder this is the South of Korea, refers to the previous administration, a previously fully on-message member of the enormous MIC *ntel agencies matrix. Subverting democracy, and getting caught - at least that sounds like a resurgence of democracy, if only, amazingly, in the snowy Korean Peninusula.
Spies/Officers do obviously have a real role to play, spy vs. spy, so counter corrupt Putin by all means - but stop subverting normal life with your cheap digital tools and your pervasive 'store everything' for later advantage. For the massed ranks of spies with their near trillions in budgets It is obviously so tempting to nudge 'your' version of democracy, that I'd be surprised if this wasn't happening everywhere on the planet, and not just where there are rooskies. That's an important fact, and I won't even mention the absurd Czech's. oops.
Back to the subject of the article, I have used TAILS(*), as a live boot CD, but in the correct paranoid-level of security I assumed even that was backdoored to some extent, and certainly my download of the tool was a flagged event. I consider 'private browsing' feature in Browsers to be another bit of security theatre - but maybe "Private Browsing" could work on some badvertiser javascript auction behind the scenes? getting a decent air-fare or insurance quote maybe!
(*)I needed to hide my data/metadata whilst I worked on some sensitive GMO related corn analysis figures for work, and that implied, and required, almost 'active terrorist cell' levels of IT, in order to preserve the security of the citizens, allegedly. It seems to have worked.
-
Monday 26th February 2018 08:48 GMT Anonymous Coward
I dont believe there is ever likely to be full privacy on the internet
There are too many ways of gathering meta-data and joining it back up as suggested above.
I am not sure that complete privacy is worthwhile in general use either.
That's like walking through my local high street shops and expecting nobody to recognise me. That seems a little odd. Although clearly I don't want my pockets picked it is normal to be seen out and about in the (real) world. Privacy and complete anonymity are not the same thing.
There must be a sensible line on this, I'm just not sure where it should be.
Overall though if it is your ISP controlling your privacy you may as well ignore it. If the authorities want your data they will simply harvest it the private side of the connection.
-
Monday 26th February 2018 12:21 GMT IamStillIan
Re: I dont believe there is ever likely to be full privacy on the internet
"I dont believe there is ever likely to be full privacy on the internet"
That'd basically be oxymoronic. The internet exists to communicate data. "Full privacy" for everyone about everything would mean don't communicate any data... As you say, it's about agreeing boundaries. The system is still relatively immature (compared to walking down the street..), opinions vary, the scope is wide, and enforcement is difficult. We're a long way off.
You walk down your street with knowledge of the area / community, and having decided the risk is acceptable; there maybe some streets you don't walk down because you don't feel that's true.
The real difference vs the down the street analogy is the scale and extent at which it can happen. People elsewhere in the world can do it en-masse in your street, and every other street. That changes the discussion because you no longer know which streets are safe, or what communicty you're interacting with, so your ability to choose is being eroded. Oddly enough that's an inverse privacy problem, where those doing the monitoring have too much privacy.
-
-
Monday 26th February 2018 09:43 GMT Anonymous Coward
I was going to write a article on my blog about what is left behind after you close a private browsing mode session.
I am going to start by doing a clean OS install and then open a private browser session and visit a few websites. After doing this was going to use some forensic file recovery tools such as Photorec to see what files can be recovered from the hard drive after the browser session is closed. Will try it with a few major browsers and see which one leaves behind the least traces.
-
Monday 26th February 2018 10:49 GMT g00se
I was going to write a article on my blog about what is left behind after you close a private browsing mode session.
Maybe post a link to it when it's done?
...to see what files can be recovered from the hard drive after the browser session is closed
Presumably a lot of files. How would you know which to look for? Isn't what 'sensitive' data can be recovered the important factor?
-
-
-
Monday 26th February 2018 13:06 GMT Anonymous Coward
Is this really news?
Firefox's simple explanation of Private Mode
"Important: Private Browsing doesn't make you anonymous on the Internet. Your Internet service provider, employer, or the sites themselves can still track what pages you visit. Private Browsing also doesn't protect you from keyloggers or spyware that may be installed on your computer."
-
Monday 26th February 2018 14:31 GMT Pen-y-gors
Re: Is this really news?
Presumably the same is true of 'Firefox Focus' on Android?
And presumably adding a (trusted) VPN to the mix complicates things a bit more, but is still imperfect if someone is determined to trace you and can get court orders in Bulgarian (or wherever your VPN comes out)
-
Monday 26th February 2018 15:33 GMT FrogsAndChips
Re: Is this really news?
Exacty, Private mode has never been about protecting yourself from your boss/your ISP/websites snooping on your browsing details, anyone thinking so was just fooling themselves.
PM is about hiding your history from your family, because you don't want them to discover your surprise birthday present or other questionable browsing habits (your definition may vary) through a Ctrl-H search or your Google bar. I don't care that some data may persist in “on-disk reflections of RAM such as the swap file”, I'm pretty confident it's beyond the skills of anyone in my household to get this stuff out of Firefox itself. That's good enough for me and all I'm asking from Private Mode.
-
-
-
Monday 26th February 2018 19:05 GMT Anonymous Coward
"Clear browsing history"
I noticed long ago that clearing the browsers history does very little.
I created a simple batch script that clears out a good portion of the data as well as clearing the DNS cache. (if you don't have it disabled already)
Bleachbit does a pretty decent job at this as well.
(I got a chuckle when I saw that a certain politician was used on Bleachbits official site: "Like a cloth or something?")
-
Monday 26th February 2018 22:24 GMT Anonymous Coward
You're as public as a person in a trench coat exposing them self in the park
Smut more, {grins} that about right, and stealth more, is going to the XXX store yourself.
If you want to keep it private, then keep it off the Net.
Has someone turned a (old) laptop and laser printer into a memory-typewriter, I would have though that they would have by now, where it would load and save files to the sd card reader and only scan and type to letters savable on the SD card, or could possibly phone-fax too. that would be it.
That's about as secure as it gets for computing and electronics
If you can do it in hardware, you can undo it in hardware
If you can do it in software, you can undo it in software.........
-
Tuesday 27th February 2018 08:27 GMT Lee D
"Incognito" means "don't use my saved cookies / history". Not "I'm invisible".
The page that shows when you turn it on on most browsers tells you that. If anything, it's a "pretend I'm not me, so I can test this page / log in as someone else" more than anything else.
As I tell the kids in the school I work, who all have 1-1 devices on the school Wifi... incognito mode is like huddling in a group in the playground giggling at something. All you do is go out of your way to attract more attention than you would have just browsing normally, and you don't actually hide ANYTHING of what's going on on your device - literally two clicks and I can tell you every site you went on while incognito (because, yes, we have managed devices with SSL interception, etc.). No, clearing your browser history doesn't remove all trace of you going on that site either. Because you can't clear the history of the next computer up the chain, which is the web filter.
To be honest, I get ten times more use out of incognito than they do, and legitimately. When you have to login as fifty different kids/staff/parents over the course of a day, it quickly becomes tedious to log them out, manage 20 users on Google accounts, etc., so I have one browser logged in permanently for my own stuff, and then an incognito window for demoing / testing other people's logins (which allows you to show the first run "please login" screens because it's a fresh run every time).
Incognito is more "don't send my *usual* saved information" than anything to do with privacy or security or anything else. If you think otherwise, you totally misunderstand its purpose, and you didn't read the screen that comes up when you do it.
P.S. if you want to browse privately, you need to VPN to a secure and anonymous computer with complete and unfiltered / unmonitored Internet access. That alone should tell you that for most people it's not really practical or possible. Sure, you can point at Tor, VPN providers, rent a machine using Bitcoin or whatever you want... it still doesn't mean that you're secure (Tor is notorious for operating exactly as designed and yet being trivially easy to leak data that you don't want to, VPN endpoints can monitor what you do, Bitcoin transactions can be tracked even if they don't immediately give up your name, etc.).
And the effort to go to that extent is beyond "just trying to secure my computer, your honour".
-
Tuesday 27th February 2018 13:39 GMT Anonymous Coward
I don't get this part...
So, as a site operator, I should add the Veil server service that would somehow obfuscate the URL the user accesses. Except that the connection would still observably go to my servers and my servers would need to know the real URL anyway.
I don't see what this should protect against. I might give the graphical firewall component a try, though.