Ah yes, “Incognito” in Chrome, and “InPrivate Browsing” in Internet Explorer 8.
Also known as “Porn mode” to the rest of us.
Let’s review what these features do, and just how paranoid you should be when using them to surf porn whatever it is you want kept private.
First, let me address something from your question:
I thought windows kept a log of everything you did as a matter of course.
Windows does not keep a log of everything you do. Period.
Now, that being said, Windows can be configured to log a lot of what you do, and the applications you use can often log a lot of what you do, and of course spyware can log a lot of what you do, but the statement “Windows logs everything” is simply untrue.
Let’s look at what Google’s Chrome says about Incognito browsing (IE8’s “InPrivate” is similar in concept):
Pages you view in this window won’t appear in your browser history or search history, and they won’t leave other traces, like cookies, on your computer after you close the incognito window.
Read that carefully, because that’s all that Incognito mode does:
- It doesn’t add sites to your browser history
- It doesn’t add searches to your search history
- It doesn’t leave cookies behind
That’s a pretty short list. In fact, the list of what could still happen is longer:
- Anything you download, like pictures, MP3’s or video, remains.
- Any bookmarks you create remain.
- The websites you visit may still have your visits in their logs.
- Your ISP can always see what you’re doing if they elect to, unless you take additional steps such as using a VPN.
- Malware can still collect everything you’re doing.
I also like that Google mentions that Incognito Browsing will not prevent people from watching over your shoulder, or protect you from “Surveillance by secret agents”.
One thing Google does not mention explicitly in Chrome documentation is how Incognito affects the browser cache. I have to say that Incognito would be kinda pointless unless it also affects the cache (i.e. things that might be cached in an Incognito session should be removed on exit), but I’ve not seen confirmation on that.
So, let’s get to the meat of your question: could someone still figure out where you’ve been going even if you’ve been using Incognito or InPrivate modes?
I’ll leave aside the fact that all bets are off if there’s spyware installed.
One of the most fundamental concerns, as I see it, is that even in an incognito mode the browser still keeps information in memory (RAM). That, in turn could be swapped to disk into the paging or virtual memory file under certain circumstances.
And yes, to a truly dedicated individual that could be found.
Easy? Nope. Possible? Yes. Likely? That’s harder to say. It depends on a lot of things coming together. My gut says it’s not very likely, but of course I could be wrong (and the technologies could change).
My advice is to look at it this way: Incognito and InPrivate are the equivalent to automatically clearing your private data when your done – clearing the cache (we think), cookies, your browsing history and the like.
And nothing more.
That’s a fine level of privacy for many needs, most notably looking at, ah … art images.
But if you’re truly paranoid, or really, truly need much more security than that advice provides, you should not rely on these browser features, but should be taking additional steps that are more clearly understood, and more completely in your control.