If you’ve been using Microsoft Edge and hoping that all your private browsing was actually, you know, private, then think again. Turns out that it may be possible to reconstruct the site history of the browser, whatever mode it’s in.
Beta News reports that Edge seems to record the browsing history even when a user activates its InPrivate mode. It all apparently gets stored away in the browser’s WebCache file, which can be used to fully describe the history of website that the browser’s been used to view, whether in normal or private mode.
It seems researcher Brent Muir noticed the issue last year on his Digital Forensic Musings blog, writing:
[I]n the case of Microsoft Edge even the private browsing isn’t as private as it seems. Previous investigations of the browser have resulted in revealing that websites visited in private mode are also stored in the browser’s WebCache file.
NOTE: The Container_n table stores web history. There a field named ‘Flag’ will be available. A website visited in the private mode will have a flag value as ‘8’. Generally the purpose of storing this information is to retrieve crashed private sessions… Therefore any skilled investigator can easily spot the difference and get concrete evidence against a person’s wrongdoings.
Oops. Acording to Beta News, Microsoft claims that it’s “aware of a report that claims InPrivate tabs are not working as designed” and is “committed to resolving this as quickly as possible”.
With Internet Explorer 8, 9 and 10 dead, more people are likely using Edge than before. How about Firefox or Chrome instead?