<div dir="ltr">I've also noticed that while using the "incognito" feature, I was able to see my history from a regular browser window.<br><br>Example:<br>If I were to visit "<a href="http://www.microsoft.com">www.microsoft.com</a>" in a regular window, opened a new "incognito" window, then type in "www" in the URL bar, it shows that I've visited "<a href="http://www.microsoft.com">www.microsoft.com</a>" or any other site that was visited from a regular browser window. <br>
<br>So it looks like the History in a regular browser window is accessible from the "incognito" window, but not the other way around.<br><br><br><div class="gmail_quote">On Thu, Sep 4, 2008 at 3:27 PM, Hideki Saito <span dir="ltr"><<a href="mailto:hidekis@gmail.com">hidekis@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Just curious to how private is their private browsing feature. Don't<br>
feel much secure to me for plugins (perhaps cookies are isolated though)<br>
as it is not really meant for use with Tor...<br>
<div><div></div><div class="Wj3C7c"><br>
> Hi all,<br>
><br>
> I've been playing around with Google's new web browser and Tor. I<br>
> thought it might be good to share my findings with everyone.<br>
> After reading Google's privacy policy[1], I for one would not want to<br>
> use this on a regular basis, if at all.<br>
><br>
> The first bug I tried was an old one I found with Firefox; the NEWS://<br>
> URI type.<br>
> Any link that has a NEWS:// URI will launch Outlook Express and<br>
> attempt to contact the server in the URL...without using Tor.<br>
><br>
> The second bug I found resulted in local file/folder disclosure.<br>
> This is very similar to the one I found in Internet Explorer.<br>
><br>
> The third bug I found was with MIME-TYPEs, specifically Windows Media<br>
> Player supported formats.<br>
> The BANNER tag can also leak your IP address when the playlist is<br>
> loaded *IF* WMP is not set to use a proxy.<br>
> Also, a playlist in WMP can specify protocols that use UDP, hence, no<br>
> proxy support...no Tor.<br>
><br>
> On the flip-side, it is very cool how each browser tab is it's own<br>
> process, making several types of attacks much more difficult.<br>
> However, with an invasive privacy policy, local proxy bypassing, and<br>
> local files/folders able to be read from your hard drive, I've decided<br>
> not to use this browser.<br>
><br>
> It just doesn't feel privacy/anonymity friendly to me.<br>
> Anyone else want to chime in on this?<br>
><br>
><br>
> - Kyle<br>
><br>
> [1] <a href="http://www.google.com/chrome/intl/en/privacy.html" target="_blank">http://www.google.com/chrome/intl/en/privacy.html</a><br>
> (Basically states you have no privacy when using Chrome)<br>
<br>
</div></div></blockquote></div><br></div>