Monday, 2 July 2012

How it works: Private Browsing

Occasionally people want to view a web site that they would rather others did not know they were viewing. The classic contrived marketing example being buying a present for your wife. The reality, I am sure, is people watching porn.

So how does the Internet work, and who can see what you are doing?
  1. Well, the one thing you can be sure of, is that the web site you are visiting can track your IP address and knows that your IP is visiting their web site. No matter how the web site works, that will pretty much always be the case unless using something like TOR. However, to them you are a faceless IP address, and they will probably assume a dynamic IP address that will not be the same person tomorrow or perhaps even a second from now. They are also in some other country, probably. They probably have no interest in ever finding out who you are, and just want you to buy their premium services - just hand over your credit card now - there are girls waiting in Arnold, Nottingham for you :-)
  2. To access the web site you will have used something called DNS. This all happens behind the scenes. It is a system to convert names like (OK, every example I invented already exists, but www. something) in to the internal IP address used by your computer. The DNS server is probably run by your ISP. Surprisingly most DNS servers are not set up to log accesses (but could) and DNS accesses are not something covered by the UK Data Retention Directive. So yes, your ISP could know that you looked up a specific host name, and infer something from that if they wanted to. However, ISPs (well, most ISPs) have some integrity and would not look in to that. Also, you can use external DNS servers like 8.8.8.8 (google) and then the logging (if any) is again some anonymous dynamic IP address. If you really want you can run a local DNS resolver and avoid logging like this at the ISP or google, though some servers will be able to make logs.
  3. Your computer logs all sorts of crap, like you would not believe, but most browsers have a "private browsing" mode of some sort, or at least a "clear history" mode which means you can erase pretty much all of that. The "private browsing" mode is likely to be the most private. It is designed for this specific purpose (!) and so it does not log stuff. This is a reputation thing - someone making a browser that leaked your "private browsing" stuff would be exposed and laughed at.
  4. In order to actually access the web site in question, the packets do pass through your ISP. They could be snooping - but again, most ISPs have some integrity and would not be looking. To be honest, as an ISP, we really have no reason to look at, or care, what the hell you are up to, and would not do so.
  5. The packets pass through intermediate ISPs and transit providers. They have even less incentive to ever look at what you are up to, and less way to tell who you are - so again, low risk.
  6. On the way, if you are in an office, or even some homes where you are not the IT person, the packets could go via a local router of firewall that has some logging. They could log stuff. Your employer can, and may feel the need to, log your DNS lookups and your network traffic. Private browser mode will not help you. They almost certainly know which IP is which employee. Just go home!
So, over all, at home, you are pretty safe if you use a "private browsing" mode, to find your wife/girlfriend a surprise present, obviously...

That is, except, for the new Communications Bill, which will, if passed, mean that all those web site accesses are snooped, and logged, and kept for a year, and accessible (officially) to various parties (e.g. police) and of course unofficially to anyone that hacks the black boxes... Oops.

No comments:

Post a Comment