this post was submitted on 23 Apr 2024
1038 points (97.0% liked)

Memes

45753 readers
816 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] JamesStallion 176 points 7 months ago* (last edited 7 months ago) (28 children)

Everytime this is reposted in a new template I remind everyone that no one is using incognito mode to hide from their ISP they are using it to hide from their spouse or partner.

[–] [email protected] 108 points 7 months ago (3 children)

I also use private mode for searching things that I myself would be appalled to find in my own search history.

[–] [email protected] 56 points 7 months ago (1 children)

That's pretty advanced usage - hiding stuff from yourself.

[–] [email protected] 27 points 7 months ago

Never underestimate the depths of my shame.

[–] [email protected] 16 points 7 months ago

Or occasionally just when I'm looking up something stupid and don't want to see advertisements for the next two weeks for it.

[–] [email protected] 9 points 7 months ago

I produce a podcast that gets us into some twisted corners of the internet. Especially when I fact check things for the other hosts. Mullvad + proton VPN always up, no question.

[–] [email protected] 53 points 7 months ago (1 children)

I mainly use it for random things that I don't want to influence my recommendations, like clickbait YouTube videos.

[–] [email protected] 21 points 7 months ago (3 children)

also good for temporarily logging in to an account on a service without logging out of your regular one on main

[–] [email protected] 10 points 7 months ago

Literally my usecase for it. Quickly test the browser if it's an issue related zo my account or not.

load more comments (2 replies)
[–] [email protected] 35 points 7 months ago (1 children)

Beyond that it's legitimately useful for logging into a second account on a site or for various testing purposes as a web developer. Though if you're consistently using it for the former, containers are a better solution.

[–] [email protected] 7 points 7 months ago (1 children)

Also useful for testing links that might only work if signed in.

For instance, if I share a link to a OneDrive file, will it force the receiver to sign up with Microsoft before they can view the file.

load more comments (1 replies)
[–] [email protected] 19 points 7 months ago (2 children)

...and so that typing in a url doesn't automatically auto fill with a site you'd rather not let anyone else see.

load more comments (2 replies)
[–] [email protected] 18 points 7 months ago

Eh, or they just don't want a forever history stored on their own computer any more than they want it stored on someone else's computer.

[–] [email protected] 8 points 7 months ago (2 children)

i use private windows mainly so i don't clutter up browser histories with useless stuff i won't go back to (if i do run across something to save, it gets bookmarked or printed to pdf).

load more comments (2 replies)
[–] [email protected] 8 points 7 months ago

I’m not even hiding it in the sense that I’m being sneaky. My spouse just rather not see it in the suggestions!

[–] [email protected] 8 points 7 months ago (4 children)

It’s for wanking. That’s it. It only ever goes to pornhub

load more comments (4 replies)
[–] [email protected] 6 points 7 months ago

No doubt. Whoever’s making these memes obviously wasn’t around when Incognito/Private browsing was introduced. It was never advertised as hiding anything from your ISP.

[–] [email protected] 6 points 7 months ago* (last edited 7 months ago)

I don’t need the obvious URL’s popping up whenever I start typing. I’m just one fat finger away from a bad mistake and subsequent loud sounds on my studio speakers when anyone could be around if I don’t do that.

It’s best to keep that stuff separated out to spare yourself some incredibly avoidable embarrassing moments.

load more comments (18 replies)
[–] peteypete420 121 points 7 months ago (3 children)

I always thought private browsing was just so all the porn content doesn't stay in search history's and the address bar doesn't auto fill fatasshonkeybabes.com if my grandmother sits down to look at her Facebooks.

[–] [email protected] 71 points 7 months ago (1 children)

That is exactly what it is.

[–] [email protected] 45 points 7 months ago (2 children)

And it was always clearly stated as such. It's absurd that anyone was upset by this. I have yet to find a single user on here who did not properly understand what it was for, or at least none willing admit to being that dumb.

load more comments (1 replies)
[–] [email protected] 8 points 7 months ago* (last edited 7 months ago)

Private browsing in Google Chrome will not store your browsing data locally into your computer; but Google will still keep that data in their own records.

load more comments (1 replies)
[–] [email protected] 88 points 7 months ago (13 children)

The ISP can see every domain, but not every page. That's what HTTPS everywhere was all about.

[–] [email protected] 15 points 7 months ago (7 children)

And hopefully in the future they won't even he able to see the domain. I wonder why they never considered giving out certificates for IPs to solve this problem. Seemed like the easiest solution to me.

[–] [email protected] 18 points 7 months ago (1 children)

They need the IP address to know where to forward the packet to. Hard to avoid that without VPN or TOR.

load more comments (1 replies)
[–] [email protected] 10 points 7 months ago (2 children)

It doesn't really help. The ISP needs to route you somewhere to get the data, so they'll need to know who you want to talk to. Even if they don't see the DNS name (like if you used a third party DNS server) they can still associate the IP address with someone.

There's things like TOR and VPNs that can route your information through other third parties first, but that impacts performance pretty significantly.

load more comments (2 replies)
load more comments (5 replies)
load more comments (12 replies)
[–] [email protected] 59 points 7 months ago (6 children)

The fact anyone ever thought this was for any reason other than making it easier to hide your porn browsing history from your mom is just silly.

[–] [email protected] 17 points 7 months ago (1 children)

That's pretty much all I use it for. To keep my porn browsing off of my history.

Not to hide it from anyone, I don't live with my mother anymore and I don't think my SO would care. More so that when I google something, I don't get porn auto complete entries in my everyday browsing.

I'm fully aware that my traffic is able to be monitored by my ISP (at least to the extent that there's a connection that exists. HTTPS is still not capable of being easily decrypted), and my DNS is resolving the address for the porn sites, and that Google (or whatever search engine) is logging that the search happened.... Or that the sites see my connection, from my IP, and know what I watched.

My only objective is that they can't link that to my normal browsing or accounts.

You know all those "share on"... Twitter/Facebook/whatever links? When they load, from Facebook, it asks the referer URL, and checks the browser for any cookies that might associate that browsing to a person for ad customization. Incognito isolates that information, so while Facebook/X(Twitter)/whoever may know that someone went to that URL, they have no cookie data to link it to a person uniquely, so they have information that the site was visited, but no idea who visited the site since any session cookies I have for those services are in my non-incognito browser.

[–] [email protected] 5 points 7 months ago* (last edited 7 months ago) (1 children)

You know all those "share on"... Twitter/Facebook/whatever links? When they load, from Facebook, it asks the referer URL, and checks the browser for any cookies that might associate that browsing to a person for ad customization. Incognito isolates that information, so while Facebook/X(Twitter)/whoever may know that someone went to that URL, they have no cookie data to link it to a person uniquely, so they have information that the site was visited, but no idea who visited the site since any session cookies I have for those services are in my non-incognito browser.

I mean, this is a little outdated by today’s practices. Any ad tracker worth their salt will be using browser fingerprinting as well.

Imagine this scenario: You have a user with a specific browser, with specific extensions installed, (which you can derive from the fact that your ads are getting blocked by a specific ad blocker, they have the “Do Not Track” flag enabled, you have a nice monitor with a large aspect ratio and you’re browsing in full screen so the site can see that aspect ratio, etc…) from a specific IP address. In normal browsing, this user has a tracking cookie so your “share on Facebook” buttons can see what sites they’re visiting.

But now you’re seeing an identical browser, with identical extensions, on an identical IP address. But this time it doesn’t have your tracking cookie. Sure, there’s the chance that two people are using identical settings. But as your extension list grows and your browser becomes more unique, your fingerprint becomes more easily identifiable. So now, even without that tracking cookie, they’re able to use that fingerprint to infer that you’re the same person and link your incognito browsing back to your regular browsing.

load more comments (1 replies)
load more comments (5 replies)
[–] [email protected] 25 points 7 months ago (16 children)

At a minimum this meme maker has no idea how TLS, browsers, cookies, or DNS work.

load more comments (16 replies)
[–] [email protected] 23 points 7 months ago (3 children)

Assuming you're using https, your ISP cannot see what pages you visit. It can only see what website you access (IP address).

[–] booly 14 points 7 months ago* (last edited 7 months ago)

The typical default configuration has the ISP providing DNS services (and even if you use an external DNS provider, the default configuration there is that the DNS traffic itself isn't encrypted from the ISP's ability to analyze).

So even if you visit a site that is hosted on some big service, where the IP address might not reveal what you're looking at (like visiting a site hosted or cached by Cloudflare or AWS), the DNS lookup might at least reveal the domain you're visiting.

Still, the domain itself doesn't reveal the URL that follows the domain.

So if you do a Google search for "weird sexual fetishes," that might cause you to visit the URL:

https://www.google.com/search?q=weird+sexual+fetishes

Your ISP can see that you visited the www.google.com domain, but can't see what search you actually performed.

There are different tricks and tips for keeping certain things private from certain observers, so splitting up the actual ISP from the DNS resolver from the website itself might be helpful and scattering pieces of information, but some of those pieces of information will inevitably have to be shared with someone.

load more comments (2 replies)
[–] [email protected] 12 points 7 months ago* (last edited 7 months ago) (2 children)

Only in Chrome? In every browser using private mode, private mode only delete the local storage (wbSQL, Serviceworkers, cookies, cache, etc), no other things, it hide nothing, for webpages which log you (or the search engine you use, AI and some other extensions which you use in "private"mode) it's irrelevant if you use private or normal mode. It's a very frecuent missconcept to believe that the private mode is the same as anonym browsing, simple extensions, like Cookie Autodelete or SiteBleacher do exactly the same as browsing in private mode, but with the feature that you can partial or full whitelist the pages where private mode isn't needed.

More or less Private only if you use VPN, SPN, MPR, Snowflake or at least a proxie.

load more comments (2 replies)
[–] [email protected] 11 points 7 months ago

The one word more people need to know about: threatmodel

[–] [email protected] 8 points 7 months ago (4 children)

Use Mullvad, iVPN or Proton and they really won't see what you're doing

with Mullvad and iVPN, be sure to use the quantum encryption. And to help obscure your traffic with proton, be sure to use a proxy that has around 50% to 60% usage. That way anyone who tries to use a quantum computer to break the encryption on a proton VPN proxy is going to see everyone else's traffic using that proxy as well as you. There would be a lot of shit to go through even if they use a quantum computer.

load more comments (4 replies)
[–] [email protected] 8 points 7 months ago (1 children)

Encrypted DNS anyone? (NextDNS for example)

[–] [email protected] 5 points 7 months ago (7 children)

That solves a completely different problem. The ISP can still see who you requested data from.

That's more about security around retrieving the correct IP address from a DNS query, and doesn't do that much for privacy.

load more comments (7 replies)
[–] [email protected] 7 points 7 months ago (1 children)

So you think people should assume they have absolute privacy because of the word "incognito"?

[–] [email protected] 8 points 7 months ago (2 children)

The joke says the opposite. He’s not hidden at all.

load more comments (2 replies)
load more comments
view more: next ›