Incognito Mode Won’t Keep Your Browsing Private [medium]
by CIRT Team
The big tech giants, online advertising companies, and data brokers use a ton of tricks to track you around the web. These include things like cookies, location and device logging, fingerprinting, and even share buttons, the last of which make it very easy for companies like Facebook and Google to see what you do online, even on third-party websites.
Of course, today’s users aren’t blind to much of this tracking. And most people who are aware of it will take (somewhat predictable) steps to do what they think will hide their online activity from tech companies.
One of the most common techniques people think can help hide their activity is the use of an “incognito” mode in a browser. This opens a secure browsing window where third-party cookies are blocked and browsing history is paused.
Sorry, no
The problem with incognito modes is they provide a false sense of security.
Despite what most people assume, incognito modes are primarily built to block traces of your online activity being left on your computer — not the web. Just because you are using incognito mode, that doesn’t mean your ISP and sites like Google, Facebook, and Amazon can’t track your activity.
This is especially true if you’re logged into any of these sites in your browser, no matter if it’s before or after you’re in an incognito window — the companies can still see everything you do. And it’s the same for any other site you need to log in to. So remember that if you’re logged in to a website, no matter if you are using incognito mode, or even a VPN, the website’s owners can see exactly what you are doing.
For the people who recognize the limits of incognito mode, they’ll generally then use browser extensions to help block more information being sent back to tech companies. These usually involve script, cookie, and ad blockers. The problem with this is that many websites rely on those same technologies to work right — again, this is especially true of websites you need to log into, like banks, social media sites, and shopping sites.
Usually, the sites that require scripts and cookies to work will show you a notification telling you that you need to whitelist them if you want to use the site properly. Whitelisting them gives you back the site’s functionality, but then you lose the privacy protections you were seeking in the first place, because those sites will once again place tracking cookies on your computer to follow your online footsteps. So what is a privacy-conscious person supposed to do?
Browser compartmentalization
Browser compartmentalization is a privacy technique that is finally gaining mainstream attention. The technique sees users using two or even three browsers on the same computer. However, instead of switching between browsers at random, users of browser compartmentalization dedicate one browser to one type of internet activity, and another browser to another type of internet activity.
Here’s how it works:
- Users will use one browser for any and all websites they need to log in to. This browser is the one on which they’ll access their social media, banks, and shopping sites.
- The big catch here is that users will never use this browser to search the web or randomly browse the internet. This browser is only used for bookmarked sites you need to log in to. Let’s call this your “accounts” browser.
- Users will then use a second browser for all their web searching and random browsing. On this browser, a user will never log into any website — ever. They will never use this browser to personally identify themselves in any way, period. We’ll call this your “everyday” browser.
By splitting up your web activity between two browsers, you’ll obtain the utmost privacy and anonymity possible without sacrificing convenience or the ease of use of the websites you need to log in to. That’s because the majority of your web usage will be done in your “everyday browser,” which, by never logging into any website, will make it extremely hard for data firms to identify you and track your activities — especially if you fit your “everyday” browser out with some hardcore privacy extensions. You can go all out with your privacy settings on your “everyday browser”: Block all cookies, scripts, and trackers, and always use in it incognito mode. That’s because you won’t be logging into any sites that require cookies or scripts to be enabled to work.
A word of warning: This approach won’t completely protect your privacy. Your ISP and other companies may still be able to see which sites you are visiting. To completely obscure your traffic, you’ll need to also use a VPN.
For websites that do require those technologies to work, like social media sites and banking sites, you’ll use your “accounts” browser.
Why browser compartmentalization works
The reason browser compartmentalization works is because web browsers are, for the most part, walled gardens. They don’t share cookies between them, nor other identifiable items like browser history or bookmarks. Thus, when Google or Facebook places a cookie tracker on your “accounts” browser when you log in to their sites so they can track you around the web, this cookie they’ve put on your computer is only accessible through that browser, not any other browser on your computer.
Setting up your ‘accounts’ browser
When configuring your browser compartmentalization setup on your computer, you’ll want to decide which browser you’ll use as your “accounts” browser, and which one you’ll use for your “everyday” browser. Since your “everyday” browser will be the one you use most often to browse the web, I recommend you use a privacy-focused browser that supports a ton of extensions and add-ons, like Firefox or Brave.
For your “accounts” browser, I still recommend you use a privacy-focused browser, but one that doesn’t require a lot of add-ons or extensions. Remember, you’re going to want to have your “accounts” browser set up to accept some cookies and scripts so you can log in to the websites you need.
That’s why I recommend using Apple’s Safari on Mac or PC as your “accounts” browser. It’s got decent privacy protections built in, yet ones that won’t break websites you need to log in to. If you aren’t a Safari fan, other good “accounts” browser options include Microsoft’s Edge, Firefox, and Brave. As for Chrome: It’s made by Google, whose sole aim is to know everything you do online, so it’s probably best to stay away from Chrome if you value your privacy.
Once you’ve chosen your “accounts” browser, bookmark every site you use that you log in to: Google, Facebook, your bank accounts, Netflix, airline accounts, utility accounts, Amazon, dating sites, etc. Bookmark them (the toolbar is best for easy access) and access those sites only by clicking on your bookmarks.
Remember: Do not do web searches in this browser. That’s what your “everyday” is for. By not searching in this browser nor using it to browse the web, you’ll greatly limit the online activity the websites you do need to log in to can see. But just in case you forget this and do accidentally perform a search, make sure you change the default search engine in your “accounts” browser to DuckDuckGo, the privacy-focused search engine that doesn’t track you.
After you’ve done this, congratulations, your “accounts” browser is now set up.
Setting up your ‘everyday’ browser
The next step is to set up your “everyday” browser. Remember, this is the browser you will use to search and browse the web, so it’s the one you’ll be using most of the time. There are plenty of great browsers to use as your “everyday” browser, but I recommend Firefox because it offers so many built-in security and privacy protections, and even more through extensions. This makes it one of the most secure browsers you can use if set up properly. Other viable options include browsers like Brave and the Tor browser.
For more, click here.
Recommended Posts
Training on cybersecurity awareness for Department of Women Affairs
25 Nov 2023 - Articles, English articles, News, News Clipping, Service