Privacy mode not so private

I like my privacy. I also prefer to keep my information secure. I might be a bit more paranoid than the rest, but not extremely so. A short while ago, I discovered something disturbing regarding Firefox. It seems to be a ‘secret everybody knows’, yet Firefox doesn’t say anything about that.

What is it? When using Firefox’s capabilities to ‘clear private data’ (under options->privacy), even when checking all the checkboxes, a lot of information is still kept. This is even true when using the new ‘private browsing’ which supposedly allows you to browse without any record kept.

How is the information kept? Using Local Shared Objects (LSO’s), which are basically cookies used by flash objects. Who uses these cookies? Almost everyone. The result? If you trusted Firefox so far to keep your browsing history secure, take a look at the following locations, and tell me what do you see.

How to mitigate? Simplest option is just to delete the files you see in the aforementioned locations. Better yet, install BetterPrivacy. Of course, you can also install any kind of flash blocker, or any other tool, to make sure you don’t keep those LSOs.

If you do end up using BetterPrivacy, be sure to check the “On cookie deletion also delete empty cookie folders” checkbox. If you don’t, while the cookies are no longer kept, the record of the sites you visited is still kept locally.

This entry was posted in Security and tagged , , , , , , . Bookmark the permalink.