back to article Oh dear... Netizens think 'private' browsing really means totally private

Netizens have the wrong idea about what their web browser's "private" or "incognito" mode actually does. This is according to researchers at the University of Chicago, in the US, and Leibniz University Hannover, in Germany, who this week declared that folks mistakenly believe that by enabling the incognito browsing mode, they …

  1. Anonymous Coward
    Anonymous Coward

    Slurprise Slurprise

    Are these the same users who don't know who actually owns Instagram?

    https://www.bloomberg.com/news/features/2018-04-10/instagram-looks-like-facebook-s-best-hope

  2. niio

    An article that says everyone is thinking wrong but never states what is correct?

    1. Anonymous Coward
      Anonymous Coward

      An article that says everyone is thinking wrong but never states what is correct?

      Maybe it's because to most(?) El Reg users, it is commonly known. If you want the tl;dr version, every percent results El Reg stated the participants thought are the wrong choice.

      For the long version:

      1) logging into a Google account in private mode would not prevent searches from being saved to the account's history. You can see everything from in the Google account privacy page.

      2) bookmarks saved in private mode would not show up under standard mode. It's because it says that it saves bookmarks right from the private mode description when opening an empty tab.

      3) private mode would not prevent a website from tracking their location. It's because internet cookies, scripts and whatnot are loaded when you open the website which can already track the location.

      4) private mode does not offered them better protection against malware. Refer to 3, everything is loaded when you open the website unless otherwise.

      5) private mode would not obscure their public IP address. It's because it doesn't do anything to their IP address.

      private mode doesn't do much, but this is the one thing it really do.

      It deletes cookies, temporary internet files, history and other data after you're done using. So it's great when you don't want to keep any internet junks with that browser. It's a great way to keep your browser fast as it no longer keeps a daily changing website of junks. It also stop your local friendlies from seeing your one time search on buttplug.

      1. Jonathan Richards 1
        Facepalm

        re Long version

        Exactly so. The survey results might be explained by ICT (Impulsive Click-Through) by users entering private browsing mode(s), or perhaps by participants never using such modes, and just guessing the answers.

        I just checked what Chrome tells one when opening an Incognito window:

        You’ve gone incognito

        Now you can browse privately, and other people who use this device won’t see your activity. However, downloads and bookmarks will be saved. Learn more

        Chrome won’t save the following information:

        -Your browsing history

        -Cookies and site data

        -Information entered in forms

        Your activity might still be visible to:

        -Websites that you visit

        -Your employer or school

        -Your Internet service provider

        So in this case at least, there's no good reason for the misunderstanding.

        1. Charles 9 Silver badge

          Re: re Long version

          Yes there is. It's called Stupid User Glossover. The moment they read a catch word like Private, everything beyond it might as well be Gobbledygook for all it's worth; they've all stopped reading at that point, and it's doggedly difficult to train them otherwise because the only way to do so is to threaten them in one of the key areas: their money (so they start paying attention to frauds), their life/health (safety warnings), or their freedom (remind them of court).

          Makes you think people should require a license to use the Interner.

          1. Tikimon
            Facepalm

            Re: re Long version

            "It's called Stupid User Glossover."

            Only if you're a smug jerk. Don't blame the users! The blame lies with Misleading Marketing. "Unlimited Broadband" and "Private Browsing" have clear meanings that The Average Joe has every right to expect they mean when they see them used somewhere. The tech industry has misused and abused these words into a kind of Newspeak, where words mean their opposites. The whole purpose is to DECEIVE THE CONSUMER. Nobody is trying to stop them (it's a clear case of fraud) so it tends to succeed.

            The consumers are deceived by aggressive and consistent misinformation campaigns. It doesn't make the users stupid. It shows the stupidity and dishonesty of the tech industry. Rather than rail at "stupid users" why don't we attack the dishonest companies who make lies and exaggerations their main marketing strategy? Say "Private" and by God it will be or you will be sued for fraud and deceptive advertising.

            1. really_adf

              Re: re Long version

              "It's called Stupid User Glossover."

              Only if you're a smug jerk. Don't blame the users! The blame lies with Misleading Marketing.

              Much as I hate marketing, and am generally cynical, it seems a big assumption that the express intent is to deceive. Like "unlimited broadband" (that you mentioned), "private" browsing is an unavoidable simplification.

              Users absolutely have to take some responsibility. The information is right there, they just have to read it. But many don't, and make assumptions.

              As I recall, some years ago, Microsoft advertised (on TV) IE's "private" mode as a way to hide something like buying your spouse a present, which it works well for, IP-based advert targeting aside.

            2. Charles 9 Silver badge

              Re: re Long version

              "Only if you're a smug jerk. Don't blame the users!"

              Users who (IRL) pull on doors even though there's a big fat sign on it saying "CLOSED"?

              Users who (IRL) pull up to a pump and pull off the BAGGED dispenser, even though there's a big fat sign on the pump saying "OUT OF SERVICE"?

              Put it this way. There's a reason the late Sir Terry Pratchett once wrote that if there was such a thing as "END OF THE WORLD BUTTON. DO NOT TOUCH!" the paint wouldn't even have time to dry. YES, there IS such a thing as "too bloody stupid to live, but alive nonetheless."

        2. veti Silver badge

          Re: re Long version

          It says "Chrome won't save" all those things. It very clearly does not say that anyone else will. And considering who publishes Chrome, I'm pretty sure that's deliberate.

          Do you think the naive user understands the role of each party involved in their internet browsing? Seriously, if they realise that their ISP is separate from Google, it'd be more than I expected. As far as they know, if "Chrome", whoever that is, forgets these things, then they're forgotten.

          1. SineWave242

            Re: re Long version

            Nothing surprises me any more. I know some users who think Google is Internet.

      2. Tomato Krill

        Except because of 3 you will still find 3rd party buttplug ads in every site for months on your browser and everyone else on your LAN

        1. Adrian 4 Silver badge

          No, because someone interested in buttplugs could conceivably be interested in more than one.

          It's well known that adverts appearing because of your browsing history only recommend items that you'd only buy again after considerable time had passed (cars, refridgerators, sofas). God forbid that anyone would actually see an advert that was useful.

          1. Mage Silver badge

            Re: only recommend items that you'd only buy again after considerable time

            Really... perhaps that was sarcasm.

            How many toilet seats, new taps, Tablets do I want?

          2. DJSpuddyLizard

            It's well known that adverts appearing because of your browsing history only recommend items that you'd only buy again after considerable time had passed (cars, refridgerators, sofas). God forbid that anyone would actually see an advert that was useful.

            Is that why, six years later, Amazon is still suggesting baby products to me?

      3. Weiss_von_Nichts
        Stop

        Logging into accounts "privately"

        There's one thing you have mentioned but which can not be stressed out often enough: If you log into your account anywhere, no matter if using VPN, Tor or whatever magic, *you have identified yourself* to the site. Therefore you are *not* anonymous and not protected from tracking. Just the opposite: you have explicitely told them who you are and they'll know what you are doing there. That's the whole purpose of logging in.

        1. Prst. V.Jeltz Silver badge

          Re: Logging into accounts "privately"

          hey well put.

        2. veti Silver badge

          Re: Logging into accounts "privately"

          Actually, there's a good bit of overhyping going on here.

          If you're logged in to Google, and you open an incognito window - even while keeping your regular browser session still open - the incognito window isn't logged in to Google, or any other accounts for that matter. So any searches you do in that window - unless you log in again - will not be recorded against your account profile. I know this is true in Chrome and Firefox, it's probably also true in the others.

          Of course Google will still know it was you making those searches, but frankly if there's anything you don't want Google knowing about you, you're best off not doing it on a computer at all. But (unlike Facebook), Google don't tell.

      4. Randy Hudson

        Both the AC and Chrome's own incognito message left out an important bit. Not only are any newly-established cookies eventually tossed out, but equally important, any existing cookies from your normal browser usage are kept separate from the cookies used in the private/incognito mode.

        It's like sitting down at a new device/browser install, using it for the first time, and nuking it when you're done.

    2. Nick Kew Bronze badge

      What's correct is obvious enough on a moment's reflection. This is a tech-savvy community!

      Perhaps more a case of reporting a survey that took unsuspecting users, sprung questions they'd never considered on them, and got answers that, on a moment's reflection, the user might want to reconsider.

  3. sanmigueelbeer Silver badge

    If you have any recommendations, post away in the comments.

    Opera browser have built-in VPN.

    Bad part about Opera browser's VPN is the limited amount of "destinations" to choose from: America, Asia and Europe.

    1. Craigie

      Didn't they just discontinue the Opera VPN?

  4. Brian Miller

    It's the Internet, all your privacy are belong to them!

    Well, I usually use Firefox, NoScript, and Cookie AutoDelete. Of course my main OS is Linux.

    That just means I get generic junk ads, instead of targeted junk ads. It does not mean that I am totally anonymous on the information superhighway. My IP gets passed around in the background among ad servers, instead of individual cookie information. Since JavaScript is usually disabled, there isn't anything there to run that I don't know about. And of course I restart my browser regularly.

    But of course, didn't anybody mention that "privacy" does not equate to "anonymity?"

    1. Anonymous Coward
      Anonymous Coward

      yes, sometimes

      From FF/WF's new tab page in 'private' mode:

      "When you browse in a Private Window, Firefox does not save:(visited pages)(cookies)(searches)(temporary files)

      Firefox will save your:(bookmarks)(downloads)

      Private Browsing doesn’t make you anonymous on the Internet. Your employer or Internet service provider can still know what page you visit."

      So it stops short of indicating Tor but does imply there are things for which the browser can't just switch on easy fixes. If people don't understand, it's just as was already said: they don't read. Or they don't have that modicum of trust in their own ability to interpret correctly, so they don't even try, defeating the purpose of authors simplifying it ITFP...

      1. Prst. V.Jeltz Silver badge

        Re: yes, sometimes

        "When you browse in a Private Window, Firefox does not save:(visited pages)(cookies)(searches)(temporary files)

        Firefox will save your:(bookmarks)(downloads)

        So its all local info anyway that no one else can see, apart from the cookies?

        So the only difference is you wont get a load of adverts for the thing u just bought?

        and u wont get auto logged in to any sites ..

        1. Missing Semicolon

          Re: yes, sometimes

          There is the other thing it does - not only are any cookies you acquire during private browsing forgotten, but you start the session with no cookies.

          So opening Facebook in a provate session ensures that:

          * Facebook does not get any of the tracking information that it dropped via the "like" buttons on other sites, and

          * When you close the page, the fact that you visited Facebook is now invisible to any other site.

          What is true for FB is also true for DoubleClick/adfly/maxymiser/twitter/adnxs and wotnot.

          1. Charles 9 Silver badge

            Re: yes, sometimes

            Until they track you by other means like IP, browser fingerprint, canvas, etc. A lot of which CAN'T be concealed.

            1. Martin-73 Silver badge

              Re: yes, sometimes

              The lack of concealability is actually a non-entity these days. ALL of those things you mention can be had by buying a hypercheap tablet or disposaphone and using only public wifi. However, if you're prepared to go to those lengths, you may attract attention from someone other than vendors of buttplugs. As with all things, shades of grey (MORE than 50 of 'em)

    2. Anonymous Coward
      Anonymous Coward

      Re: It's the Internet, all your privacy are belong to them!

      "Well, I usually use Firefox, NoScript, and Cookie AutoDelete. Of course my main OS is Linux."

      Currently I use Firefox configured for privacy/security, plus NoScript, Ghostery, Privacy Badger, and uBlock Origin, with no permanent trust, and a paid VPN service hosted in another country.

      If I were seriously concerned about not being tracked in a specific instance, I would be using a VM running a read-only Linux image, hosted on my customary Linux OS.

  5. Ole Juul

    duped a long time ago

    I think most people just can't imagine the size and scope of the problem. They really want to believe that they will not be taken advantage of when signed into Google and Facebook, or whatever other favourite social info gathering sites they've gotten used to. The idea that being private actually excludes some of their most loved habits is simply untenable.

    I think that some people would change their habits if they really understood what was going on. However, I doubt that the larger proportion of people actually want to know. They're into it now, and they feel OK. They may think it's fine if the government can do something, but they're not going to do anything themselves.

    1. Prst. V.Jeltz Silver badge
      Trollface

      Re: duped a long time ago

      "I think that some people would change their habits if they really understood what was going on"

      I dont think theyd give a fuck to be honest.

      it beats paying for stuff.

      I dont care if facebook know my favorite music.

      I'm still waiting for someone to explain to me what the real life cost is of "your data", so far no ones even said which data it is.

      And dont give me that "They will force you to vote for the devil as el presidente against your will" through the power of your miind story.

      1. Anonymous Coward
        Anonymous Coward

        Explain to me what the real life cost is of "your data"

        As mentioned in a previous El Reg article, Facebook had requested and obtained "anonymized" healthcare records. Not sure what their purpose was except that, of course, it was doubtless for the greater good.

        So: match up that "anonymized" healthcare data with the Facebook account data and you'd have a nice little treasure trove. I imagine Facebook would find willing buyers for that information: Life Insurance companies, Health Insurance companies, Potential Employers......

        1. Prst. V.Jeltz Silver badge

          Re: Explain to me what the real life cost is of "your data"

          ok , so armed with that little treasure trove , I load face book and an advert pops up at the side saying "hey fancy some life insurance?" I'm still not seeing the problem.

          And I'm not buying that it could be "matched up"

          Its a bit of a leap to go from "dont put what you had for tea on social media" to :

          "Facebook have a copy of your medical records that they will sell to anybody"

          If however , your facebook page is covered with examples of you being a dick , that might well threaten your employment chances , but thats your own fault .

          1. Anonymous Coward
            Anonymous Coward

            And I'm not buying that it could be "matched up"

            I think you suffer from a lack of imagination and an understanding of the subject.

            One example: Say you had a Dr appointment at a certain location on a certain day. Suppose Facebook has your location at that day and time - people do check in, God knows why. We got a match.

            The problem then isn't a potential employer seeing something posted on your account.

            Here is a scenario: You apply for a job. That employer checks you against the data sold to them by Facebook. Well, this guy is going to be out a lot because of his medical condition. No offer.

            Was that their intent here? Who knows? But why in God's name would Facebook want "anonymized" healthcare data in the first place?

            Would Facebook do that? Well, they had no problem directing real estate ads to their accounts based on race in violation of the civil rights acts in this country.

          2. Graham Cobb Silver badge

            Re: Explain to me what the real life cost is of "your data"

            ok , so armed with that little treasure trove , I load face book and an advert pops up at the side saying "hey fancy some life insurance?" I'm still not seeing the problem.

            In real life, you don't tell everyone you come into contact with (from the door opener at the mall, to your boss, to your spouse, to your doctor) the same things. Sometimes these are big important things, other times they are just "nobody else's business". You are many different persona, presenting many different views of your life to many different groups of people.

            Maybe you don't want your potential employer to know you are pregnant. Maybe you don't want your daughter to know, yet, that your doctor has told you you have cancer. Maybe you want to go looking for a new car without the seller knowing your old car has just died and you need to buy something in a hurry. Maybe you coach a kids football team and you don't want them to find out that you are thinking about moving away because it isn't certain yet. Maybe you don't want the investment company you are talking to to know that you have over $1M invested elsewhere because you want them to offer you a discount to get you into saving. Maybe you don't want the car insurance company you have just contacted to know how much your current insurer has quoted. Maybe you don't want Amazon to work out the most you are willing to pay every time it shows you a price.

            Maybe you just think cartels are illegal for a reason and you don't want commercial companies exchanging information, gossip and rumour about you -- you need some advantage in negotiating deals in an age with massively asymmetric information.

            1. Prst. V.Jeltz Silver badge

              Re: Explain to me what the real life cost is of "your data"

              Ok, i concede there are some good examples there

  6. Anonymous Coward
    Anonymous Coward

    Private mode is simple enough - it means your browsing is private from your GF if you let her use your computer later. Or from the next user at a public computer in the library.

    So, almost no use cases, really.

    1. Roger Greenwood

      Private unless you visit a website using flash - then flashplayer keeps its own archive/cache outside the browser.

    2. Jamie Jones Silver badge

      But again, not necessarily.

      Many browsers record private mode access to disk, albeit in temporary files, or deleted on exit.

      It seems you'd be surprised how much "private" stuff alot of these browsers reveal was you do a raw dump of a database file, or failing that, the raw device.

    3. Anonymous Coward
      Mushroom

      @AC

      "So, almost no use cases, really."

      Bullshit.

      I think that's merely what this fake study wants you to believe. They claim that "A majority of browsers doesn't inform the users" but that's a blatant lie. If they're this inaccurate, then how am I suppose to believe the percentages? Also considering that testing this majority aspect would be extremely easy.

      There is a lot of value in private browsing, but I get the impression that some forces would rather see it disappear. Maybe even badly enough to fire up a fake study.

  7. Anonymous Coward
    Anonymous Coward

    Like with a cloth or something?

    bleachbit_console.exe -c --no-uac --preset

    1. Jonathan Richards 1

      Re: Like with a cloth or something?

      A Microsoft executable that takes arguments delimited by hyphens? Last time I looked, CMD used slashes, e.g. dir /s

      To be fair, I haven't looked for quite some time...

      1. Baldrickk Silver badge

        Re: Like with a cloth or something?

        Ususally, it uses `/`es. many will accept `-`s though in addition. These days it's rare that both are not supported, but not rare enough imho.

        1. Prst. V.Jeltz Silver badge

          Re: Like with a cloth or something?

          nmap.exe 11.185.14.0-255 -p2701

      2. Anonymous Coward
        Anonymous Coward

        Re: Like with a cloth or something?

        "A Microsoft executable that takes arguments delimited by hyphens? Last time I looked, CMD used slashes, e.g. dir /s

        To be fair, I haven't looked for quite some time..."

        Well, To be fair, I am using the BleachBit Portable that doesn't require installation and has self contained Python DLL and scripts (I have an SSD so the "-o" option was not included in my command line):

        Usage: bleachbit_console.exe [options] cleaner.option1 cleaner.option2

        Options:

        -h, --help show this help message and exit

        -l, --list-cleaners list cleaners

        -c, --clean run cleaners to delete files and make other permanent

        changes

        --debug-log=DEBUG_LOG

        log debug messages to file

        -s, --shred shred specific files or folders

        --sysinfo show system information

        --gui launch the graphical interface

        --no-uac do not prompt for administrator privileges

        -p, --preview preview files to be deleted and other changes

        --preset use options set in the graphical interface

        --update-winapp2 update winapp2.ini, if a new version is available

        -v, --version output version information and exit

        -o, --overwrite overwrite files to hide contents

  8. adnim

    I have a huge one.

    Hosts file that is

  9. Anonymous Coward
    Anonymous Coward

    I just have one of those Privacy Filters on the actual monitor. Nobody can see what I'm doing with one of those.

    1. Prst. V.Jeltz Silver badge

      they only work if you are also under your duvet

  10. Maelstorm Bronze badge
    FAIL

    Forensic Analysis

    I have just completed a comprehensive forensic analysis of Google Chrome's incognito mode. And I have to say that it does as advertised. It does not save any cookies, history, etc... to the disk. However, if you tell it to save passwords, bookmarks, or download files, those it will keep track of...but ONLY ON YOUR OWN COMPUTER!!! I think that's where people are making their mistake. Nothing can prevent websites, or your ISP from tracking you on the web as that is outside the browser's control.

    Interestingly enough, there are artifacts in RAM but that is required because if the browser isn't in memory, it isn't running. As a consequence, some of that memory gets swapped to disk. However, that is also outside the control of the browser. But a user can configure Windows to clear the swap file on shutdown using a registery tweak.

    1. Prst. V.Jeltz Silver badge

      Re: Forensic Analysis

      "Nothing can prevent websites, or your ISP from tracking you on the web as that is outside the browser's control."

      Wouldnt disabling cookies do it?

      for the websites i mean , your ISP will , as you say , know everything.

      1. JohnFen Silver badge

        Re: Forensic Analysis

        "Wouldnt disabling cookies do it?"

        No. There are numerous methods of tracking that don't require cookies. In fact, internet ad companies are relying less on cookies every year, because so many people block them anyway.

        1. Prst. V.Jeltz Silver badge

          Re: Forensic Analysis

          Like what?

          1. Anonymous Coward
            Anonymous Coward

            Re: Forensic Analysis

            Like canvas fingerprinting, OS fingerprinting, behavioral fingerprinting, 'external cookies', javascript, webRTC leaks, typing pattern, geolocation, IP, contact lists, browsing history, social media buttons, web bugs, font configuration, linguistic patterns in posts and comments, time zone, DNS configuration, protocol analysis, traffic analysis, metadata, accelerometer data, display data, machine hardware data, ad blocker configuration, page referral data, language, measurement, and other preferences, MITM 'de-encryption' attacks (standard practice in most large organizations), other trackers...

            And all the things that I have forgotten, or that most of the world hasn't learned about yet.

  11. anthonyhegedus Silver badge

    They didn't come up with useful alternative names for 'private' or 'incognito' then. My thought would be to use a slightly technical name, which at least wouldn't cause people to start using it in a dangerous fashion without checking what it meant. Trouble is, I can't think of anything either, but then I'm not the bunch of students tasked with doing some useful work.

    1. Charles 9 Silver badge

      I think the problem is that the medium here is UNhappy. Even the slightest bit technical, and people ignore it as Geekworld. But oversimplify things and people male rash assumptions. And worst case is something people oversimplify AS Geekworld.

      Frankly, I think you'd have better solving the universal energy crisis first.

      1. werdsmith Silver badge

        But if you enter, for example, incognito mode on Chrome, it tells you this:

        Your activity might still be visible to:

        Websites you visit

        Your employer or school

        Your internet service provider

        In plain text on the page right in front of your face, so it is not possible people don't know. They just don't care.

      2. Anonymous Coward
        Anonymous Coward

        "Frankly, I think you'd have better solving the universal energy crisis first."

        Already done. The Japanese have worked out how to extract uranium from seawater. For maximum bonus points, combine with desalination, and fix the water problem as well, while making uranium extraction much more efficient.

        1. Anonymous Coward
          Anonymous Coward

          "Already done. The Japanese have worked out how to extract uranium from seawater."

          Not usable in today's unstable political environment. Uranium = potential atomic bomb = potential H-bomb trigger. Not even thorium is all that safe long-term since its byproduct can be processed with enough effort (and with a state-level adversary, effort is always a possibility) into weaponizable uranium.

          Unless you can make something that is physically impossible to weaponize (and I think the opposite will happen--proving that ANY reactor technology CAN be subverted to make weapons), serious concerns will remain.

    2. Ken Hagan Gold badge

      I think "anti-girlfriend mode" accurately describes both the user demographic and the probable limits of its effectiveness.

    3. Baldrickk Silver badge

      They didn't come up with useful alternative names for 'private' or 'incognito' then.

      clean*

      fresh

      one-time

      single-instance

      history-free

      This is surprisingly hard, I don't think any of the above adequately describe it / don't add other connotations.

      "Hidden" for example has the same problem as "private"

      *which is ironic considering what many might be searching for

      1. Anonymous Coward
        Anonymous Coward

        Let's face it, it's real name is:

        Porn mode

      2. Steve the Cynic

        one-time

        Have you seen the complaints on MMORPG forums when the game sends them a second "one-time password"? Along the lines of "how can it be one-time if it keeps on sending them?"...

        I'm talking about the ones that the game sends you when your router reboots or reconnects after a line drop, and you get a new public IP address, and the game wants to make sure it isn't a hacker that succeeded in guessing your password.

        Each such password can be used one time ("once"), whence the name, but of course people assume it means "a password that will only be required to be used one time" rather than "a password that will only be able to be used one time".

        Therefore, a term to be avoided in the presence of "unaware" users.

    4. allthecoolshortnamesweretaken

      "opaque mode" ?

  12. Anonymous South African Coward Silver badge

    HAHAHAHAHAHAHAHA

    <wheeze>

    HAHAHAHAHAHAHA

    I expected something like that.

    My assumption on this private mode - that it ONLY prevent your wife (or GF) from seeing which sites you've browsed, but you still can see it on your firewall/ISP was correct.

    Next they (chrome, firefox etc) will offer a built-in VPN - but even then I won't trust that as it may leak like a sieve.

  13. Fustbariclation

    Avoid malware by using "Microsoft's..."???

    If you use anything from Microsoft, you have malware. You can't avoid it.

    You have spyware - it's baked in. The essential part of what the company does.

  14. MachDiamond Silver badge

    A good laugh

    I love the humor at the end of the article:

    "To avoid malware, try using Google's Safe Browsing or Microsoft's Windows Defender Browser Protection."

    1. Anonymous Coward
      Anonymous Coward

      Re: A good laugh

      I love the humor at the end of the article:

      "To avoid malware, try using Google's Safe Browsing or Microsoft's Windows Defender Browser Protection."

      ------------------------------------------------------------------------------

      Rather than 'humour', I would suggest 'satire'.

  15. LucreLout Silver badge

    If you have any recommendations, post away in the comments.

    Ok, I recommend you remove the Facebook links from you web site. You rail against them in the articles, which is fair game given their behaviour, and then support them to continue doing what they do by providing direct login links from your own site?

    1. Tomato42

      Re: If you have any recommendations, post away in the comments.

      and if you really want to keep them, do, but put them behind a switch that requires user to enable them before they start beaming data to mothership

  16. David Austin

    Naming Confusion?

    Another version of the "Tesla Autopilot" issue?

    1. Jamie Jones Silver badge

      Re: Naming Confusion?

      ... just like the article itself says!

    2. Haku
      Coat

      Re: Naming Confusion?

      The Tesla Autopilot is like an enhanced cruise control, they could call it the Tom Cruise Control, switch it on and the ride feels like you're in a Hollywood movie, leading to excessive speeding, but side effects may include getting chased by Guido the killer pimp, and being literally driven to Scientology...

  17. Anonymous Coward
    Anonymous Coward

    Private browsing = hidden from other users of the browser

    Basically...

    1. Anonymous Coward
      Anonymous Coward

      @AC

      And hackers or slurpers.

      Private mode also disables all extensions a browser might have, so whatever you do within that session will be totally invisible to others. Even if they gained access to your browser data through some kind of obscure plugin (here's looking at Facebook, Twitter and any other social media garbage).

      There is much more value to private mode than they're giving it credit for.

  18. My other car WAS an IAV Stryker Bronze badge
    Trollface

    Privacy suggestions

    Rip out the radio chips (Wi-Fi, Bluetooth, cellular, near-field) and/or disconnect the Ethernet cable. Problem solved.

    1. Prst. V.Jeltz Silver badge

      Re: Privacy suggestions

      Then put tin foil hat on and retire to cabin in woods?

    2. Anonymous Coward
      Anonymous Coward

      Re: Privacy suggestions

      What about the secret powerline ethernet connection and the satellites?

    3. Mark 85 Silver badge

      Re: Privacy suggestions

      The "OFF" button works better.

    4. Anonymous Coward
      Anonymous Coward

      Re: Privacy suggestions

      "Rip out the radio chips (Wi-Fi, Bluetooth, cellular, near-field) and/or disconnect the Ethernet cable. Problem solved."

      ----------------------------------------------------------------------------------------------------------------

      You also have to get rid of the speaker, camera, screen, USB ports, display ports, keyboard, and CPUs to prevent exfiltration by coded EM or light from the display, ultrasonic signals, USB data packages, power line data exfiltration, and keyboard sound analysis.

  19. anonymous boring coward Silver badge

    People are thick. What a shocker!

  20. Anonymous Coward
    Anonymous Coward

    Avoid Google - use DuckDuckGo

    Using DuckDuckGo will afford some additional anonymity...

    1. Jtom

      Re: Avoid Google - use DuckDuckGo

      Take a look at Gibiru.com, as well.

    2. Anonymous Coward
      Anonymous Coward

      Re: Avoid Google - use DuckDuckGo

      Using DuckDuckGo will afford some additional anonymity...

      --------------------------------------------------------------------------

      Particularly when combined with a VPN, Tor, and a live CD/DVD Linux distribution... Tails is particularly designed for privacy and security, but be sure to keep up with versions implementing defences against exploits as they are discovered.

  21. Anonymous Coward
    Anonymous Coward

    Tablets are cheap. I have one that I only do banking and finance on; one dedicated to social media/shopping; and one for browsing (retired, no need for a device for work). There are absolutely no personal data on the one for browsing, and no account info on any but the first browser (except for charge card data for shopping, but I have protections on that).

    If I were to ever want to engage in criminal activity, I would buy a cheap tablet, put in no identifying info, and use random, public wifi. Leave your cellphone at home, too, if you are up to no good, and stay away from security cameras. It's astounding how many criminals are caught because they are too lazy to get an anonymous burner phone, and leave their regular phone home.

    If you want security, you must do it. As soon as you entrust it to someone else, you have lost it.

    1. Alien8n

      They used that in a show recently (Deception?). Basically they had been trying to track some Russian gangster and only got a line on the guy when he accidentally dropped his burner phone down the toilet forcing him to use someone else's phone. By some quirk of story telling this phone was being monitored and hey presto they tracked him down.

  22. Anonymous Coward
    Black Helicopters

    A majority? Really?

    ""We found that browsers’ disclosures fail to correct the majority of the misconceptions we tested," the researchers wrote."

    Which browsers? For a so called scientific research you guys are sure lacking on the information. Sure, you have your statistics on how many users thought what, but when it comes to the source it boils down to estimates. "A majority", tells me nothing.

    So lets open a few windows. Opera tells me this about private browsing: "As soon as you close all private windows, all the information connected with them will be erased.

    Learn more

    If you want even more privacy - turn on the VPN.

    Seems pretty straight forward to me. If you click the link then Opera is very clear here: Browsing history, Items in cache and Cookies get erased.

    Sorry, but if you actually think that this also includes remotely stored stuff then... the problem is not with Opera in my opinion. Even so, they do explain this: "By default, Opera stores certain browsing data to help speed up connections, load common page elements, and generally interact better with the sites you visit.".

    So, what does Internet explorer tell me: "Met InPrivate-navigatie voorkomt u dat gegevens over uw browsersessie worden opgeslagen in Internet Explorer. Dit betreft onder andere cookies, tijdelijke internetbestanden, geschiedenis en andere gegevens.".

    Oh right, I have a Dutch version but guess what, it also leaves nothing to the imagination: "With InPrivate navigation you prevent data from your browser session to get stored with Internet Explorer. This includes cookies, temporary internet files, history and other data".

    SeaMonkey then (which is a Mozilla project, so I'm sure the same roughly applies to Firefox): "You are in a private browsing window, SeaMonkey won't remember any history for this window. In a private browsing window SeaMonkey won't keep any browser history, search history, download history, web form history, cookies or temporary internet files.".

    What's next? I know, I have this obscure small browser called "UC Browser", which is actually an ideal way to play browser games on your computer: "Incognito window. Good when browsing sensitive or private webpages, or when using a public PC. Will not record: browsing history, search history, cookies, files downloaded. Will save: Bookmarks added".

    So... concluding. All the browsers I use clearly mention that the private part is all about their storing of data. So where did this "majority" statement come from?

    Could this be a plot to make it look as if this feature is obsolete and unneeded ("because "everyone" is using it wrong") in an attempt to get rid of it so that "they" will have better ways to track us?

    Yes, this is definitely a conspiracy theory but think about it... It's not that hard to spout false information which isn't backed up by any facts and try to make a bit of a stir. When it comes to the usage of browsers the market share is obvious: Chrome, Safari, UC, Firefox, Opera, IE, Samsung Internet, Edge, Android, Others.

    I just showed that UC, Opera and IE are very clear about private browsing. Others already debunked Chrome. And considering my SeaMonkey experience I'm quite sure the same roughly applies to FireFox.

    So where does this majority statement come from?

    1. Charles 9 Silver badge

      Re: A majority? Really?

      Consider this angle. The vast majority of users are Stupid Users. How many Stupid Users actually read and understand this stuff? Remember, these are people who pull on doors with huge CLOSED signs on them...

  23. Haku

    I use "private" mode a lot, but not for privacy reasons

    When I want to view a linked/embedded YouTube video on a forum I usually open it in an incognito window, that way it doesn't get added to my logged in YouTube account fingerprint, which (mostly) stops them suggesting videos I have absolutely no interest in.

  24. Anonymous Coward
    Anonymous Coward

    Hints & Tips

    Shaun, Your Hints & Tips needs to be more widely disseminated.

  25. lglethal Silver badge
    Joke

    If you have any recommendations, post away in the comments.

    1) Unplug your network cable

    2) Unplug your computer

    3) Pack your bags

    4) Move to Canada

    5) Rent an Igloo

    6) Change your name

    7) Learn to hunt seals and whales for food

    8) Accept that google is probably still tracking you...

    1. Anonymous Coward
      Anonymous Coward

      Re: If you have any recommendations, post away in the comments.

      You had me up to #7) Learn to hunt seals and whales for food.

  26. Paratrooping Parrot
    Paris Hilton

    Cookies

    Does private mode give an empty set of cookies? So, how can they track you? Or is it because of the IP address?

  27. Anonymous Coward
    Anonymous Coward

    Don't use Algo, IPSEC has been compromised.

    Don't use Outline until the security critiques are in - it is cloud based (major security problems) and does not use a widely tested and used protocol.

    Use a VPN implementing the OpenVPN protocol, and make sure it is configured for strong algorithms.

    Remember that even a good protocol can be compromised by bad configuration, and getting everything right can be a challenge.

    No personal VPN will provide anonymity... if it is your VPN, then, well, it is tied to you.

    For real anonymity and security, go for a well researched paid VPN hosted in a country that is NOT the one you live in. Research countries and VPNs before choosing.

    Strongly consider using Linux or a FOSS BSD as the OS for your secure internet activities - it is highly doubtful that proprietary operating systems from American companies can be secure, and Microsoft, Apple, and Google all work on a 'grab, archive, and sell your information' model. For this reason, avoid Windows, MacOS, iOS and Android for activities where you care about security and privacy.

    Assume that ordinary IoT devices, home routers, and smartphones are fairly likely to be compromised.

  28. J.G.Harston Silver badge

    These are like the people who would tell me their telephone number, then complain when I phoned them "how did you get my number??? I'm ex-directory!!!!" But you told me your number. "That's not possible, I'm ex-directory!!!!"

    1. Charles 9 Silver badge

      And the people who lift fuel pumps that say OUT OF SERVICE or pull on doors that say CLOSED. If it isn't convenient for them, it may as well not exist. And there's no practical way to criminalize "being bloody stupid".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020