- From: Bil Corry <bil@corry.biz>
- Date: Wed, 08 Apr 2009 22:34:58 -0500
Aryeh Gregor wrote on 4/8/2009 12:23 PM: > On Wed, Apr 8, 2009 at 1:02 PM, Bil Corry <bil at corry.biz> wrote: >> Is there really a use case for wanting to show up at a site as yourself, but not have any footprint of the visit saved locally? > > Yes. The commonly-cited use-case is buying a present for your spouse: > you would like it to be a surprise, and therefore not show up in the > URL bar when they use the computer and type things. The actual > use-case and basically the whole purpose of the feature, which people > tend to politely avoid mentioning, is viewing porn. You could buy presents and surf porn regardless if the browser offers up your cookiejar or not. > The feature is not intended to try hiding info about you from the > site. It's not very useful for that. It could be :) > If you don't want the site to > know about you, you'd want to delete info before the visit, and may as > well leave it alone after the visit. Note that browsers do the exact > opposite: all delete info after the session, but only some hide info > from before the session. You certainly wouldn't bother deleting > history or cached files, since the server doesn't know about those > anyway. I like that "privacy mode" does not leave a local footprint, I'm not arguing against it. I was pointing out that I had the expectation that it also provided a new user profile. > And you'd want to set privacy on a per-site basis, not a > per-session basis -- you say "I don't trust this site", not "I don't > trust any of the sites I'm going to visit in this particular browser > window until I close it (but I trust all other sites)". The latter > would be bizarre. Then I want the bizarre. There are a variety of use cases for having a new user profile when in "privacy mode". It would be helpful as a web developer for testing a site as a brand new visitor. It would be helpful when visiting a risky site; maybe the site will try CSRF -- CSRF won't work if I'm surfing under a new user profile that doesn't have any existing cookies. Maybe I want to double-check that Amazon hasn't reverted to their lower-prices-for-people-who-have-never-been-to-Amazon-before pricing strategy, but I still want to keep my original Amazon cookies. Or I want to allow a visitor to use my computer, they use the same sites I do and I don't want them being logged in as me. Or the reverse, I'm at a friends house, the library, etc and I want to visit sites without accidentally logging in as someone else. > The intent of private browsing mode is to say "I don't want other > people using this computer to know that this browser session ever > occurred". You don't care if the site knows about you. If that were > the use-case, the feature would be designed totally differently. Again, I don't know the backstory to private browsing; I have never used it. But my expectation when I heard about it is that it doesn't leave a footprint on the computer and it starts with a new user profile. And for myself, that behavior is the most useful. - Bil
Received on Wednesday, 8 April 2009 20:34:58 UTC