Comments on: Security and usability - Google Chrome’s Incognito mode http://paheli.net/blog/2008/09/11/security-and-usability-google-chromes-incognito-mode/ Everything is a Puzzle waiting to be solved! Wed, 07 Jan 2009 18:10:35 +0000 http://wordpress.org/?v=abc hourly 1 By: Firefox Incognito / Private Browsing Mode - Part II | Shantanu's Technophilic Musings http://paheli.net/blog/2008/09/11/security-and-usability-google-chromes-incognito-mode/#comment-26 Firefox Incognito / Private Browsing Mode - Part II | Shantanu's Technophilic Musings Thu, 11 Sep 2008 19:16:50 +0000 http://paheli.net/blog/?p=31#comment-26 [...] Add comments My Sites: My Blog | My Tech Blog | Follow me on Twitter—-A few people (e.g. Varun) told me my previous post differed from the way how google chrome / Microsoft IE8 handle Incognito [...] [...] Add comments My Sites: My Blog | My Tech Blog | Follow me on Twitter—-A few people (e.g. Varun) told me my previous post differed from the way how google chrome / Microsoft IE8 handle Incognito [...]

]]> By: Shantanu Goel http://paheli.net/blog/2008/09/11/security-and-usability-google-chromes-incognito-mode/#comment-25 Shantanu Goel Thu, 11 Sep 2008 04:50:40 +0000 http://paheli.net/blog/?p=31#comment-25 BTW just thought of a way to do the "not saving to disk" method for firefox as well. Completely hypothetical (and might work only in linux), but maybe i can do it. Wait till weekend, will try and let you know Thanks for pointing this out, gives me something better to ponder about and do a real hack than just clicking around making a new profile and checking a few boxes... :) BTW just thought of a way to do the “not saving to disk” method for firefox as well. Completely hypothetical (and might work only in linux), but maybe i can do it. Wait till weekend, will try and let you know
Thanks for pointing this out, gives me something better to ponder about and do a real hack than just clicking around making a new profile and checking a few boxes… :)

]]> By: Shantanu Goel http://paheli.net/blog/2008/09/11/security-and-usability-google-chromes-incognito-mode/#comment-24 Shantanu Goel Thu, 11 Sep 2008 04:42:30 +0000 http://paheli.net/blog/?p=31#comment-24 Yes, you are right about the usability part. Actually that should be fixable easily. I had earlier thought of doing all the above steps in a script that someone could just download and double click and be "incognito" before being able to say "voila!" :) Or maybe firefox guys should make it more prominent. Moreover, once the "setup" is done then there is no extra efforts after that. Well, abt the extra options, I did check the boxes for my use but forgot to write about them :), maybe subconciously assumed that people would know about that, but yes that counts as an oversight and you are right again that usability takes a step back when there is an "extra" step involved. About the writing to disk part, Google says that the cookies are cleared only after you close the windows and read at some places while googling that it is not, infact, clearing everything up. So, cookies definitely go to hard disk. Not sure about rest of the things going to hdd or not. Any links? About the rest of the stuff, XSS prevention etc, I completely agree its better in chrome (though I use NoScript extension to prevent myself in firefox but its obviously better if its not needed at all). One more thing, I'm not too well-versed with web technologies, but do you know if/what would be "legal/positive" use cases for XSS? Yes, you are right about the usability part. Actually that should be fixable easily. I had earlier thought of doing all the above steps in a script that someone could just download and double click and be “incognito” before being able to say “voila!” :)
Or maybe firefox guys should make it more prominent. Moreover, once the “setup” is done then there is no extra efforts after that.
Well, abt the extra options, I did check the boxes for my use but forgot to write about them :), maybe subconciously assumed that people would know about that, but yes that counts as an oversight and you are right again that usability takes a step back when there is an “extra” step involved.
About the writing to disk part, Google says that the cookies are cleared only after you close the windows and read at some places while googling that it is not, infact, clearing everything up. So, cookies definitely go to hard disk. Not sure about rest of the things going to hdd or not. Any links?
About the rest of the stuff, XSS prevention etc, I completely agree its better in chrome (though I use NoScript extension to prevent myself in firefox but its obviously better if its not needed at all).
One more thing, I’m not too well-versed with web technologies, but do you know if/what would be “legal/positive” use cases for XSS?

]]>