An analysis of private browsing modes in modern browsers
Authors: G. Aggarwal, E. Bursztein, C. Jackson, and D. Boneh
Abstract:
We study the security and privacy of private browsing modes recently added to
all major browsers. We first propose a clean definition of the goals of
private browsing and survey its implementation in different browsers. Since
there is no data on the use of private browsing, we conduct an experiment to
determine how often it is used and on what categories of sites. Our results
suggest that private browsing is used differently from how it is marketed. We
then describe an automated technique for testing the security of private
browsing modes and report on weaknesses found in the
Firefox browser. Finally, we show that many popular browser extensions and
plugins undermine the security of private browsing. We propose and experiment
with a workable policy that lets users safely run extensions in private
browsing mode.
Reference:
In proceedings of Usenix Security 2010.
[BIBTEX]
Full paper: pdf