21 November 2018

Research pick: Your web browser is never private - "A comparative forensic analysis of privacy-enhanced web browsers and private browsing modes of common web browsers"

If you access the world wide web, you have used a web browser. But, how many of us consider our privacy when doing so, the information and data being harvested by the browser and the companies and organisations with whom we connect online? Moreover, even if one uses a so-called “incognito” mode, data is still being transferred back and forth to the various computers in the chain.

Ryan Gabet of Cisco Systems, Inc., in Morrisville, North Carolina, USA and Kathryn Seigfried-Spellar and Marcus Rogers of the Department of Computer and Information Technology, at Purdue University, in West Lafayette, Indiana, USA, have carried out a forensic analysis of web browsers that claim to be “privacy enhanced” and the “private browsing” modes of common web browsers. The privacy enhanced browsers in their study are: Dooble, Comodo Dragon, and Epic and the standard web browsers tested in private mode were: Google Chrome, Microsoft Edge, and Mozilla Firefox. They also looked at how well two forensic tools used by law enforcement FTK and Autopsy were at recovering data and information from these browsers.

Fundamentally, all of the browsers performed about the same as each other in so-called private mode against FTK, which was the better tool at retrieving information. “This study did not produce sufficient evidence to conclude enhanced privacy browsers do indeed provide better privacy,” the team reports in the International Journal of Electronic Security and Digital Forensics.

That said, the team qualifies their conclusion for privacy-minded individuals who wish to search the web. They point out that Firefox in private browsing mode and Dooble produced the fewest number of recoverable browser “artefacts”; which might be of use in law enforcement. The might also be of use in espionage or other malicious application. Browsers based on the Chromium platform produced artefacts as well as viewable data as did Microsoft Edge.

Gabet, R.M., Seigfried-Spellar, K.C. and Rogers, M.K. (2018) ‘A comparative forensic analysis of privacy-enhanced web browsers and private browsing modes of common web browsers’, Int. J. Electronic Security and Digital Forensics, Vol. 10, No. 4, pp.356–371

No comments: