Sensing the overgrowing demand for more privacy, major web browsers such as the Internet Explorer, Mozilla Firefox, Google Chrome etc. recently began providing users with an all new ‘Private Browsing’ mode built right into the browser. The idea behind this move being that, the users will be able conduct sessions, without leaving any traces of their activity on the computers. However, a team of researchers have found that, all the hype about the private browsing modes is just that, a hype, and it seldom works.
As per the results of the research, the current generation browsers aren’t able to provide effective private session modes. Firefox for example consists of a ‘custom handler protocol’ embedded inside the construct, due to which the URLs visited by the users in the privacy mode are still visible after exiting the mode. Browsers such as IE, Apple Safari, Firefox etc. are known to use the SSL client certificates for security purposes, that are expected to keep the user privacy maintained, however, it has been found that, SSL client public/private key pair generated during the private session can still be retained by the browser, thereby nullifying the entire concept of the Private Browsing.
According to the researchers, “Browser add-ons (extensions and plug-ins) pose a privacy risk to private browsing because they can persist state to disk about a user’s behavior in private mode. The developers of these add-ons may not have considered private browsing mode while designing their software and their source code is not subject to the same rigorous scrutiny that browsers are subjected to.”