- From: Nick Doty <npdoty@ischool.berkeley.edu>
- Date: Tue, 10 Apr 2018 15:35:07 -0700
- To: Shivan Kaul Sahib <shivankaulsahib@gmail.com>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
- Message-Id: <5ED95FD0-B9AA-420C-B45F-8CCE376C27BD@ischool.berkeley.edu>
On Mar 27, 2018, at 8:27 PM, Shivan Kaul Sahib <shivankaulsahib@gmail.com> wrote: > Hi all, just remembered that at IETF 101 PING meeting we'd had a brief discussion about how websites can detect incognito mode. Did a quick Google search and a stack overflow answer came up. https://stackoverflow.com/a/27805491 <https://stackoverflow.com/a/27805491> > > Basically try requesting the file system API and if it doesn't exist then you're in incognito mode. I'd imagine that to mitigate this one could patch some js on so that the call to check if file system API exists returns true but then you have an arms race where the only way to win is to reintroduce the API entirely in incognito mode. Hiding private browsing status is likely to be difficult, as you note, because if it has meaningful changes, those changes may be observable to the site. I think it might be more complicated than that simple Chrome-specific suggestion from a few years ago. A browser could provide the file system API and just make any files stored be separate from those accessible to other browser windows, etc. and I think browsers have done this with localStorage, for example. I'm not sure if there's a single source documenting the different models in each browser, but I suspect that user agents would typically like it not to be easy to detect private browsing mode, but that making it infeasible or impossible will be challenging. Mozilla's documentation suggests that they aren't generally successful at hiding all side effects: https://wiki.mozilla.org/Private_Browsing <https://wiki.mozilla.org/Private_Browsing> Increasingly relevant would be site-side detection of when a user is within a limited container even if that container isn't considered "private" or "incognito", and I suspect that UAs would be interested in making that not accessible to the site. So if I browse Facebook in a way that all state mechanisms are isolated, can Facebook like buttons on other sites determine that I'm the same user? Or can Facebook see that I'm using the Facebook container plugin and try to discourage me when I'm in that mode? In the ultimate case, that might come down to the feasibility of mitigating browser fingerprinting. —Nick
Received on Tuesday, 10 April 2018 22:36:17 UTC