Why Private Browsing Isn’t…
One of the features of the latest crop of browsers is a ‘private browsing’ mode (aka the porn mode) in which cookies and URL histories form a browsing session are discarded at the end of the session, leaving ‘no trace’.
Whilst watching the BBC iPlayer last night, I got fed up with the programme stalling (too many open apps, etc etc) so I decided to move to another browser. On going to the appropriate progamme page, I had the option to “Resume” the programme at the point I had just stopped watching it in the other browser.
A quick tweet asking how this might work was met with the response that iPlayer was probably making use of “Stored Objects, Flash’s equivalent of cookies”, as confirmed (I think?!) by @dansumption.
That is: when you visit a website, most browsers are capable of storing a small amount of data (known as a cookie) specified by the website. This might include a unique identifier that allows the website to recognise you when you visit the site again using the same browser, for example, or store personalisation information for you. Third party cookies allow adservers to recognise who you are when you wander across different websites, too. (A brief into to cookies can be found on the OpenLearn site: What are cookies?.)
If you don’t want a website to be able to recognise you if you revisit it, you can either block the cookies it wants to set, or delete the cookies it has set in a previous session. Private browsing handles this for you automatically.
Another thing that browsers do is maintain a history of websites that you have visited. Once again, private browsing steps in here to prevent the browser from remembering what sites you have visited during a private browsing session. And finally, private browsing doesn’t keep track of any searches you might have made in the private browsing session using the browser’s built in search box.
Whilst there are still traces all over the place of the sites you have visited, from the firewall log on your computer or your broadband router box to your ISP, if you were browsing within a private browsing session, you might expect that at least your computer would remain ‘free of evidence’ about what you had been searching for, or which sites you had visited (along with removing any tell tale cookies they may otherwise have left behind).
Well, as the BBC iPlayer cross-browser ‘Resume programme’ facility, suggests: no.
Many sites that use Flash, (BBC iPlayer included) make use of Flash Stored objects which sit outside the control (for now at least, and as I understand it) a browser’s private history mode. I’m guessing it also sits outside the scope of a browser’s ‘clear cookies’ and ‘clear history’ actions?
If you’re intrigued about what flash ‘cookies’ you might have set on your computer, you can inspect them (and delete them) using this Adobe tool: Flash Player: Website Storage Settings panel
Anyway, if you run info skills courses, it’s maybe to one to remember…
PS we may not need Flash for much longer anyway, as Mike Ellis suggested when I pointed him to this rather wonderful site demoing the power of CSS in a modern browser: Text ShadowCSS effect;-)
PPS see also When Delete Doesn’t