How does one prevent browser leakage of Internet privacy?

With the increasing competition, various browsers have their own unique privacy policies and security mechanisms, including Firefox, Google, IE, SAFARI, and other browsers, they constantly improve their security standards and Privacy Policies to serve users. Even so, the risk of privacy leakage still exists. As a user, we also need to know about browser and privacy, so as to better protect your own Internet privacy.

Privacy issues caused by "browsing history"

The "browsing history" mentioned in this section includes at least the following information:

• Website history
• Download history
• Page Cache
• Various Cookies

How does "browsing history" leak privacy?

For example, if I want to know what website you often visit, I just need to open your browser and open the history to see at a glance.

The usefulness of "Privacy browsing mode"

Today, several mainstream browsers Firefox, Chrome, and IE have supported the "Privacy Browser" function.

The browser will not save the corresponding "browsing history" for the internet behavior you perform in "private browsing mode ". When you exit the "Privacy Browser" or close the browser, the information will disappear.

Limitations of "Privacy browsing mode"

However, the "private browsing mode" is not safe enough. If a plug-in such as Flash is installed in your browser, the "privacy mode" may be partially invalid.

Because browser plug-ins are not controlled by the browser. Therefore, some plug-ins may leave traces of surfing the Internet even in "privacy mode.

The next section describes how plug-ins make the "privacy mode" partially invalid.

More thorough solution to browsing history-use virtual machines

If you are very concerned about the problems caused by "Browsing History", you can consider using the Operating System Virtual Machine to prevent such problems.

To use a virtual machine, perform the following steps:

1. First install the Virtual Machine Software and then install a Virtual Operating System Guest OS)

2. Install software related to Internet access in Guest OS, such as browsers, plug-ins, and so on)

3. Create a Guest OS snapshot before accessing any website. This is a clean snapshot)

4. surfing the internet in this Guest OS

5. After the Internet connection is over, roll back to this clean snapshot.

By performing the above steps, you can avoid leaving any traces of Internet access on your computer. Because virtual machines are operating systems, even browser plug-ins do not leave any trace.

Privacy issues caused by browser plug-ins

◇ Differences between "ins" and "extensions"

First, the difference between plug-ins and extensions is confusing by many IT technicians ). The so-called plug-in is called "plugin"; the so-called extension is called "extension ". The differences between the two are as follows:

Plug-ins

In terms of functions, the plug-in is usually used to render the <object> or <embed> label in the page; it does not add the browser's own functions.

Plug-ins generally implement underlying functions. They are generally written in the local code of the operating system, also known as "native code") and can call the API of the operating system. In the form of DLL files in the dynamic library Windows), the plug-in is loaded into the browser process. Due to the use of local code writing, plug-ins usually depend on the specific operating system, different systems of plug-ins cannot be mixed ).

Example:

• Flash plug-in
• Media Player Plugin
• PDF plugin
• Java Plug-in
• Various online banking controls

Extension

Extensions, as the name implies, are used to expand the functions of the browser. Therefore, extensions can call the browser's own APIs, but extensions generally cannot call the operating system APIs.

In general, expansion is not related to the operating system. For example, most Firefox extensions can be used for both Windows Firefox and Windows OS X Firefox.

Example:

Plug-in privacy issues

As I said just now, the plug-in is written in local code and the API of the operating system is called. Therefore, the browser cannot control the behavior of the plug-in. Relatively speaking, the extension calls the browser's API, so the extension behavior is more controllable for the browser.

Next, I will take Flash cookies as an example to let everyone look at the privacy problems caused by plug-ins.

Example: Flash cookie

When talking about Cookies, we usually talk about HTTP Cookies in browsers. But in addition to browsers, plug-ins may also have their own Cookies. For example, the most popular plug-in Flash has its own cookie function.

Flash Cookies are collectively referred to as "Local shared object ". Flash files on Web pages can be used to save some information in your operating system. Therefore, Flash Cookies, like "HTTP Cookies", may cause some privacy issues.

From the above example, we can see that plug-ins can also leave some traces in the operating system, which may be called "plug-in cookies "). What's more annoying about "plug-in Cookies" than "HTTP Cookies" is that it is independent of browser Cookies. This leads to the following two privacy issues:

1. When you clear HTTP Cookies in your browser, the cookie of the plug-in will not be affected;

2. The "privacy mode" of the browser limits the permanent preservation of HTTP Cookies, but the browser cannot restrict the cookie of the plug-in. This is the limitation of the "Privacy browser mode" mentioned just now)

Note: Since Flash 10.3, Adobe has solved the problem of integrating Flash cookies with browsers through technical means. That is to say, the browser can also clear Flash Cookies while clearing HTTP Cookies.

However, other plug-ins may still have the above problems.

How can we prevent the traces of plug-ins?

There are two methods:

Method 1

The most direct method is: do not install any plug-ins in your browser.

Method 2

If you have to install some plug-ins, you can also take advantage of the snapshot function of the virtual machine. This method has just been mentioned, so it will not be too long.

Let's talk about HTTP cookies in the next article.