Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Do Browser Features Offering Privacy Really Work?

Question: Google Chrome promises Incognito mode. Is it true that no record of your web browsing is kept and in the future can not be recovered? I thought windows kept a log of everything you did as a matter of course. Scenario: could the law enforcement agencies find the web sites you have visited if you were using incognito mode?

Ah yes, “Incognito” in Chrome, and “InPrivate Browsing” in Internet Explorer 8.

Also known as “Porn mode” to the rest of us.

Let’s review what these features do, and just how paranoid you should be when using them to surf porn whatever it is you want kept private.

Become a Patron of Ask Leo! and go ad-free!

First, let me address something from your question:

I thought windows kept a log of everything you did as a matter of course.


Windows does not keep a log of everything you do. Period.

Now, that being said, Windows can be configured to log a lot of what you do, and the applications you use can often log a lot of what you do, and of course spyware can log a lot of what you do, but the statement “Windows logs everything” is simply untrue.

Let’s look at what Google’s Chrome says about Incognito browsing (IE8’s “InPrivate” is similar in concept):

Pages you view in this window won’t appear in your browser history or search history, and they won’t leave other traces, like cookies, on your computer after you close the incognito window.

Read that carefully, because that’s all that Incognito mode does:

  • It doesn’t add sites to your browser history
  • It doesn’t add searches to your search history
  • It doesn’t leave cookies behind

That’s a pretty short list. In fact, the list of what could still happen is longer:

  • Anything you download, like pictures, MP3’s or video, remains.
  • Any bookmarks you create remain.
  • The websites you visit may still have your visits in their logs.
  • Your ISP can always see what you’re doing if they elect to, unless you take additional steps such as using a VPN.
  • Malware can still collect everything you’re doing.

I also like that Google mentions that Incognito Browsing will not prevent people from watching over your shoulder, or protect you from “Surveillance by secret agents”. Smile

One thing Google does not mention explicitly in Chrome documentation is how Incognito affects the browser cache. I have to say that Incognito would be kinda pointless unless it also affects the cache (i.e. things that might be cached in an Incognito session should be removed on exit), but I’ve not seen confirmation on that.

So, let’s get to the meat of your question: could someone still figure out where you’ve been going even if you’ve been using Incognito or InPrivate modes?


I’ll leave aside the fact that all bets are off if there’s spyware installed.

One of the most fundamental concerns, as I see it, is that even in an incognito mode the browser still keeps information in memory (RAM). That, in turn could be swapped to disk into the paging or virtual memory file under certain circumstances.

And yes, to a truly dedicated individual that could be found.

Easy? Nope. Possible? Yes. Likely? That’s harder to say. It depends on a lot of things coming together. My gut says it’s not very likely, but of course I could be wrong (and the technologies could change).

My advice is to look at it this way: Incognito and InPrivate are the equivalent to automatically clearing your private data when your done – clearing the cache (we think), cookies, your browsing history and the like.

And nothing more.

That’s a fine level of privacy for many needs, most notably looking at, ah … art images.

But if you’re truly paranoid, or really, truly need much more security than that advice provides, you should not rely on these browser features, but should be taking additional steps that are more clearly understood, and more completely in your control.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

11 comments on “Do Browser Features Offering Privacy Really Work?”

  1. I logged on to the Google history page and saw that if I wanted to view my history I would need to install the Google toolbar. Fortunately I’ve clicked un check the install toolbar every time a freeware program tried to install it, so I guess we’re slightly safer if we don’t have the Google toolbar. Google may have my searches recorded but it doesn’t have all my info in one place,YET. Although the way Google works, it can take a lot of related data spread out all over the web and manage to put it together. So we’re never really private.

  2. I think you’re missing one of the major points of “can it be recovered”; when something’s deleted, it’s not really deleted. I’m sure in this age of paranoia, we all know exactly what I mean, so I’ll be short and sweet. If it stores ANYTHING to hard drive, it can be recovered with enough effort, unless you shred all free space.

    These “porn modes” are, most likely, the biggest waste of development time in quite a while. Clear your cache. I’m quite sure that, unless it’s illegal for whatever reason, no one is going to take any effort to search your free space for your, uh, “artistic” pictures. ;)

    Hell, if you REALLY want to go that far, download CCleaner and check “Shred when deleting files” and “Shred free space” after every browsing session.

  3. The main idea behind the privacy mode is that you don’t have to clean up after you and leave any previous history as it was. Only the privacy session does not leave traces. Quite useful when using someone else’s or a public computer.. Besides cleaning up after you takes time and effort.

  4. I think Leo really hit the nail on the head, as usual. As for law enforcement, if it’s ever been on your hard drive, and that particular file has not yet been overwritten, they can and will find it. Period. Spyware is another major concern with privacy. I think the bottom line is – make sure what you are doing on your PC is legal!!! If anyone has ever tried even some of the freeware recovery tools such as ‘Recuva’, you’d be amazed at what you’ll still find on your hard drive. Law enforcement spends millions a year on computer forensic tools and software. Handybits file shredder is a great freeware program to try if you want to delete a file and make it “un-recoverable”. They claim to overwrite the deleted file to NSA and Military specifications.

  5. I don’t trust those filters no matter what they say. As an example… You may want to search something medical – like diabetes and not do so on a work machine because you don’t want them knowing anything about your medical history. Wanting to Hide things can have NOTHING to do with porn.

  6. I think the real problem is not what is stored on my computer but what records the ISP retains about my surfing and downloading. I understand that there is now or is going to be a new UK law that requires the ISP to keep a record of everything we do including our emails. UK is now a proper police state brought about by what I believe are three antichrists: Blair, Brown and Mandelson.

  7. Would a better solution be if you use a virtual machine like VMWare for ‘incognito’ browsing and reverting back to a snapshot. Wondering if reverting leaves a previous state that could be revived. Can downloaded material within virtual OS transferred to thumb drive be recovered from hard drive?

    It’s a good approach, as it would make recovery more difficult, at least. Yes, you can transfer files between the VM and host if you like. If you want to be extra paranoid, I’d place the VM hard disk image on an encrypted TrueCrypt volume, so that it was completely unrecoverable when the volume wasn’t mounted.

    – Leo
  8. My question, is why do you need more privacy? There’s no absolute way to escape the government (if you go that far), and most people wondering about incognito, etc, have no idea how data is stored or what the cache is. I happen to understand; however, most people start getting confused with the mention of such. I think it should be made clear that this is perfectly fine for the average, and even slightly off average, consumer looking for privacy.

  9. What about temp files? (This is probably part of the larger issue of browser cache.) When you view an image or non-HTML document in the browser, normally this image has been saved to disk in a temp file location. Even if the browser is set to delete temp files on exit, we know that deleting files doesn’t actually erase or overwrite the file data on disk – it just marks that area of the disk as no longer in use. The file or fragments of the file remain until all of the area it had occupied happens to get re-used. A good incognito mode would force all temp files to be stored in memory, with no chance of being swapped to disk, even if that caused out of memory errors. Then when the PC is turned off it all goes to data heaven.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.