[Owasp-singapore] Findings on Google Chrome/Chromium "Incognito" mode

Wong Onn Chee ocwong at usa.net
Mon Dec 21 00:40:10 EST 2009


Hi folks,

I believe all of you know that Chrome/Chromium comes with the
"Incognito" window which purportedly allows private browsing.

While testing the Chrome/Chromium browser on Linux, I discovered that
browsing history, even when Incognito mode is enabled, does get stored
in your local machine.

These are the files you need to wipe to ensure 100% privacy:

*_Chrome_*

Under your /home/<username>/.config/google-chrome/Default folder, remove

Archived*
Cookies
Current*
History*
Last*
Thumbnails
Visited*
Web*

*_Chromium_*

Under your /home/<username>/.config/chromium/Default folder, remove

Archived*
Cookies
Current*
History*
Last*
Thumbnails
Visited*
Web*
Local Storage/*

To the best of my knowledge, there is no impact when the above files are
deleted as the Chrome/Chromium browser will re-create these files.

Recommend to use secure wipe commands to delete such files to really
leave no trail of your web history.


Have a safe Merry Christmas and Happy New Year!

Cheers
Onn Chee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20091221/c5fb611d/attachment.html 


More information about the Owasp-singapore mailing list