'Porn mode' not necessarily anonymous

Private browsing options provided by the four major Web browser publishers aren't as secure as users may think, researchers say.

The private browsing options provided by the four major Web browser publishers aren't as anonymous and secure as most users might think, researchers at Stanford University's Computer Science Security Lab said in a new paper (PDF) to be published next week at the Usenix Security Symposium.

In tests comparing the anonymity and security of the private browsing modes in Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari, the paper concludes that "current private browsing implementations provide privacy against some local and Web attackers, but can be defeated by determined attackers."

Firefox's private browsing mode, taken from a "Minefield" nightly build.

(Credit: Screenshot by Seth Rosenblatt/CNET)

When activated, the private mode is designed to prevent the browser from retaining browsing tracking data. Private browsing can include visited-site history, cookies, search history, download history, Web form data, and temporary files and is colloquially known as "porn mode" because--as the researchers determined scientifically for the first time what many have long suspected--people most often use private browsing to visit pornographic sites. Despite its most common use, though, the implementation of private browsing has not yet been standardized and can vary from browser to browser.

The report also examined the risk that add-ons running under private browsing modes pose to anonymity, and concluded that, as with the implementation of private browsing itself, the risk of add-ons writing to the hard drive or retaining browsing tracks from private browsing sessions varies depending on the add-on.

In Firefox, for example, 16 of the top 32 JavaScript-only extensions allowed writing to the disk that a hacker could then later uncover. The study actually looked at the top 40 Firefox add-ons, and treated any binary extensions as unsafe in private browsing mode because of what the study called the inherent difficulty in parsing their arbitrary read-write behavior.

In Chrome, the study determined that 71 of the top 100 extensions use the "localstorage" API, implying that they might pose a risk to Incognito (Google's name for it's private browsing feature). The study did not address how extensions from the other browsers affect their private browsing modes.

"Incognito mode helps you limit the information that is saved on your computer when you browse the Web. It does not remove all records, as we make clear in our Help Center and whenever a user open a new Incognito mode window," said a Google representative. Google does allow for users to select extensions to run in Incognito individually.

The researchers determined that an add-on designed to disable extensions automatically in private mode could mitigate the risks posed by add-ons that write to the disk during private browsing, although they stated that "we need to restart Firefox to make sure that appropriate extensions are completely enabled or disabled." The Adobe Flash plug-in used to pose a tracking risk, but it has since been updated, "to be consistent with the browser's privacy mode," the researchers said.

The study did not address the Opera browser, No. 5 on the most popular browser list, which offers a private browsing mode but doesn't have extensions. The browser does have widgets, which Opera spokesman Thomas Ford said are "completely sandboxed" from the rest of the browser.

CNET Top 5
Companies Apple could buy with their billions
Apple's sitting on a massive pile of cash. Here are five interesting ways they could spend it.
Play Video

Member Comments