[Webkit-unassigned] [Bug 41801] 'Tracking-Resistant' Browsing
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jul 16 02:29:59 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=41801
--- Comment #11 from Robert Hogan <robert at webkit.org> 2010-07-16 02:29:58 PST ---
(In reply to comment #10)
> Here's a study of private browsing modes in web browsers that defines some of the objectives:
>
> http://www.collinjackson.com/research/private-browsing.pdf
>
> I don't think this work falls under the umbrella of private browsing mode, at least not as it is understood traditionally.
I agree with you, but that paper does regard a 'web attacker' (section 2.2) as one of the models private browsing attempts to defend against. It adduces as evidence of this the fact that most private browsing modes enforce a degree of state separation between private browsing and non-private browsing modes and also between private browsing sessions. It identifies fingerprinting techniques as one of the ways in which this goal can be undermined.
I think the properties it identifies above are by-products of the way private browsing implements the requirement to keep the state of previous browsing sessions locally undetectable more than anything else. It's easier for example to keep cookies from a private browsing session in a container that will be later deleted. So cookies from normal browsing aren't available in private mode. This also prevents normal browsing cookies from getting updated in private browsing mode, inadvertently leaving a local trace of the private browsing session.
So there is certainly room for clients and also WebKit to be more clear about the scope of private browsing. It's hard to see it as anything but ensuring the session leaves no traces on disk or display.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list