Re: Fwd: The new private browsing.. I have a question, maybe
John Bird
know everyone colloquialy calls it "porn mode", and for sure it will be
used for porm more than users will care to admit. But the other uses are
equally valid. The mains ones that occur to me are:
a - Shared computer where flatmates don't want to reveal browsing habits to
each other
b - Browsing done from work computers for private reasons -
shopping/email/news sites/banking
c - Internet cafes where people want to do email or banking with confidennce
that no logins or history or past pages are stored.
d - Countries where governments montor browsing
e - porn. Unknown usage as few users ever admit to viewing porn, yet web
traffic suggests otherwise. Like it or not and avoiding making judgements,
its probably a good idea to make visitiing porn sites a bit more discrete
because Firefox is a safer browser to use on such sites with all their
security issues/malware etc.
f - Shopping for gifts
I would bet that b and c are the most important cases, and the most
numerous. d and e are also important to cater for.
In many internet cafes I have seen, the option to delete history is
disabled, as to get into that menu also allows one to alter Firefox options
(Options). Instead the session history is often deleted on Windows networks
by when the user clicks on a "finished" timer option it forces the session
to log out and (hopefully) reset to no history. I personally do not trust
it, and have seen some internet cafes where some history even with such
schemes is retained between sessions.
A core goal of Firefox would be to have it safe to use in any internet cafe
for internet banking, and leave no history (logins/pages/URL history) that
the user can check all is clear before they leave the computer. Private
browsing is ideal for this. Note if the Tools menu is disabled then there
has to be a way to still allow a user to start private browsing! Should
private browsing ever be able to be disabled? This is a valid question for
workplaces installing Firefox, or such as security agencies. I am guessing
that however such places can monitor outside of the browser what websites
are visited by monitoring the router etc. I would lean to Firefox not
being ever able to disable private browsing, no matter how locked down the
browser installation is.
Point 2/Question 2 - I don't tend to use Google Chrome for private browsing
simply because there is an unknown amount of url text sent to Google and
recorded there to aid in searches - some German users think this is enough
of an issue to have released an alternative version of Chrome with the
Google communication removed.
Can a website detect if a browser is in private mode? Can the local PC
detect if the browser is in private mode? I think for maximum security,
especially for points c and d above, it would be advisable that neither the
host PC nor a website can detect that the browser is in private mode. It
simply ceases to record history internally, and does not telegraph that
status anywhere else. If there is a debate about whether or how Chrome
should show the private browsing mode, then I suggest a smple option to let
users set private browsing mode indicator on or off.
John Bird
John Bird
site for content, apparently the UK government is consdiering making this a
requirement of web sites, a rating similar to as for Films and TV programs.
Some even approximate ratings for a web site, with a profile set up that
this profile can or cannot view say:
R18 adult web sites
Sites containing violence (game sites)
Could be a popular addition to consider, at least as an adjunct to a rating
on the web site itself which is going to be hard to enforce of course.
http://uk.reuters.com/article/UKNews1/idUKTRE4BQ0KN20081228
Suggestion 2 - The Awesome Bar does not give results according to the
bookmark folder name. So for instance if I type "Cinemas" (a folder where
I have all the local cinema web sites bookmarked) it does not show not show
the folder. Nor does "Firefox Develpment" (another folder I have). I
can open them by using the "Organise bookmarks" menu, it just seems
inconsitent or incomplete.
John Bird
Ehsan Akhgari
> Note if the Tools menu is disabled then there
> has to be a way to still allow a user to start private browsing!
One solution here would be a keyboard shortcut for private browsing.
This has came up several times before. I filed bug 471428 in order to
discuss this further.
> Should
> private browsing ever be able to be disabled?
The service is never disabled, unless in case an extension which does
that is installed. The UI, however, may be disabled like you suggest.
> This is a valid question for
> workplaces installing Firefox, or such as security agencies. I am guessing
> that however such places can monitor outside of the browser what websites
> are visited by monitoring the router etc. I would lean to Firefox not
> being ever able to disable private browsing, no matter how locked down the
> browser installation is.
One way would be to set the autostart pref to true.
> Can a website detect if a browser is in private mode?
Yes, if they posses the technical background to do so. This can be
done using plugins which store data beyond control of Firefox's
private browsing implementation; but there are plans to change that.
> Can the local PC
> detect if the browser is in private mode?
Yes, definitely. There is little which can be done in this regard.
If someone has access to your PC, they can install an extension which
logs if you are in private browsing mode or not. And that is only one
way of doing so.
> I think for maximum security,
> especially for points c and d above, it would be advisable that neither the
> host PC nor a website can detect that the browser is in private mode. It
> simply ceases to record history internally, and does not telegraph that
> status anywhere else. If there is a debate about whether or how Chrome
> should show the private browsing mode, then I suggest a smple option to let
> users set private browsing mode indicator on or off.
An important point to note here is that the main goal of the private
browsing mode is to protect against other users of the same computer
though.
--
Ehsan
<http://ehsanakhgari.org/>