Microsoft Edge's Private Mode May Actually Record Your Browsing

Microsoft Edge's Private Mode May Actually Record Your Browsing

If you've been using Microsoft Edge and hoping that all your private browsing was actually, you know, private, then think again. Turns out that it may be possible to reconstruct the site history of the browser, whatever mode it's in. Beta News reports that Edge seems to record the browsing history even when a user activates its InPrivate mode. It all apparently gets stored away in the browser's WebCache file, which can be used to fully describe the history of website that the browser's been used to view, whether in normal or private mode.

It seems researcher Brent Muir noticed the issue last year on his Digital Forensic Musings blog, writing:

[I]n the case of Microsoft Edge even the private browsing isn't as private as it seems. Previous investigations of the browser have resulted in revealing that websites visited in private mode are also stored in the browser's WebCache file.

NOTE: The Container_n table stores web history. There a field named 'Flag' will be available. A website visited in the private mode will have a flag value as '8'. Generally the purpose of storing this information is to retrieve crashed private sessions... Therefore any skilled investigator can easily spot the difference and get concrete evidence against a person's wrongdoings.

Oops. Acording to Beta News, Microsoft claims that it's "aware of a report that claims InPrivate tabs are not working as designed" and is "committed to resolving this as quickly as possible".

With Internet Explorer 8, 9 and 10 dead, more people are likely using Edge than before. How about Firefox or Chrome instead?

[Digital Forensic Musings]

Image by RoSonic / Shutterstock.com


Comments

    hold on, hold on, hold on! Let me put on my surprised face!

    -_-

    There we go.

    Actually the original research came from here - http://bsmuir.kinja.com/windows-10-microsoft-edge-browser-forensics-1733533818 - I should know, I was the one who discovered it. The article has been updated to reflect this fact and the plagiarised Forensic Focus article has been taken down...

      Hey Brent, thanks for the comment -- and sorry about that. I've updated the article to reflect your findings!

        Thanks Campbell, I appreciate it. If you ever want to do an article on digital forensics get in touch!

    That's why I don't use Microsoft Edge browser, whether Microsoft intended it or not.

    That's a shame, it'll set back the market share a bit.

    I've found Edge to generally be great (and waaaay faster/smoother than Chrome), only reason I still mostly use Chrome is Adblock.

    Seriously, who gives a shit? As long as it makes it easy to log into my other Hotmail account, and it does, I really couldn't care less. What are people doing that they think they need to hide from forensic investigation?

Join the discussion!

Trending Stories Right Now