web security

An Analysis of Private Browsing Modes in Modern Browsers

Gaurav Aggarwal, Elie Bursztein, Collin Jackson, Dan Boneh   @Usenix Security 2010
1 reaction(s) | 1809 downloads
We study the security and privacy of private browsing modes recently added to all major browsers. We first propose a clean definition of the goals of private browsing and survey its implementation in different browsers. We conduct a measurement study to determine how often it is used and on what categories of sites. Our results suggest that private browsing is used differently from how it is marketed. We then describe an automated technique for testing the security of private browsing modes and report on a few weaknesses found in the Firefox browser. Finally, we show that many popular browser extensions and plugins undermine the security of private browsing. We propose and experiment with a workable policy that lets users safely run extensions in private browsing mode.
Downloads
paper
slides
You might also like reading

clickjacking 2010

Busting Frame Busting a Study of Clickjacking Vulnerabilities on Popular Sites

mobile 2012

SessionJuggler Secure Web Login from an Untrusted Terminal Using Session Hijacking

privacy 2012

19% of users use their browser private mode

web 2011

Analyzing web application performance

security 2011

Tracking users that block cookies with a HTTP redirect

Comments
About me
Lead Google's anti-abuse research. Develop new ways to protect users and disrupt bad guys. Make Chrome safer and faster. Help keeping G+ and Gmail clean. Wear berets. Do magic tricks.
Performance
headers: 0.000629901885986
files: 0.00109004974365
get publication: 0.0771598815918
sidebar: 0.187669992447
related: 8.83419013023
total: 9.10076999664