We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Web add-ons compromise 'private browsing'

'Porn mode' also hobbled by security features

Security researchers have revealed that 'private browsing' modes on web browsers, which are designed to remove all traces of the sites a user has visited, can leak information.

A study by Dan Boneh from Stanford University which is due to be presented at the Usenix Security Symposium in the US next week claims that many browser add-ons or website security measures stop the 'private browsing' mode from working properly.

Boneh and his team looked at the private browsing functions on Mozilla's Firefox browser along with Microsoft Internet Explorer, Google Chrome and Apple's Safari, and said all four programs were affected.

We discovered that all these browsers retain the generated key pair even after private browsing ends," the study said.

"Again, if the user visits a site that generates an SSL client key pair, the resulting keys will leak the site's identity to the local attacker."

The study also revealed that the function is more likely to be used by those browsing adult websites than those purchasing 'suprise' gifts for family and friends.

"We found that private browsing was more popular at adult web sites than at gift shopping sites and news sites, which shared a roughly equal level of private browsing use," Boneh said in the report.

"This observation suggests that some browser vendors may be mischaracterising the primary use of the feature when they describe it as a tool for buying surprise gifts."

Boneh and his researchers believe they are the first to demonstrate that 'private browsing' can be compromised.

See also: Web browser group test 2010


IDG UK Sites

How to get a free EE Power Bar: Mobile and broadband customers eligible for free smartphone charger

IDG UK Sites

Why Netflix won't terminate your account for using a VPN, probably

IDG UK Sites

Forever 21 denies pirating Adobe, Autodesk and Corel software, accuses companies of 'bullying'

IDG UK Sites

New Apple TV 2015 release date rumours: Apple's WWDC invite shows Apple TV