Is Incognito really that safe?

Most of us enjoy using the Incognito Mode of Google Chrome. We think of it as a very convenient and safe way of browsing, as it allows you to log in to your email on school laptops without logging out afterwards, and also prevents your friends viewing your browser history when you lend your laptop to them. Indeed, nothing seems to be left after you close the browser, but how does the Incognito work and can it really guarantee us absolute Internet privacy? Well, there’s actually a lot more behind its black interface.

Firstly, to understand how the Incognito protects our privacy, we need to understand how web browsers work. For most of the websites, their data are placed on one or more machines in the world called the web servers, which may include the text, images or even videos they intend to show on their websites. For us, when we want to visit these websites and view the contents, we need to get the data from their servers, which is achieved with the help of our web browsers. So what a browser does is simply requesting and taking the data from the server for a particular website when we visit it, and rendering the information to us. (The browser in this case is considered the “client”, as opposite to the “server”)

At this point, you may wonder, the process of browsing seems to be uni-directional as it only takes data from the server. How could this threaten our privacy. Well, beyond simply taking data, there are something else the browsers do that may harm inadvertently leak our private information, and this is the sessions and cookies. When a website renders the content to you, it temporarily stores information for the connection between you and the server which are called sessions, it also wants to tailor to your personal preferences, which is achieved by sending certain information about you as a user to your browser and storing them in your browser for future uses, and these are called the cookies. (For example, sessions are used when you are logged into your email after typing the passwords even if you go to different parts of your email, and cookies are used when your email address is “suggested” the next time you try to log in.)

As a result, many times the sessions and cookies can be easily manipulated. For example, an ads website can use your cookies stored in the browser when you visit other websites, or some cookies though encrypted, can be decrypted and altered by hackers. So what the Incognito does, besides not recording the browser history, is deleting all the cookies after the browser is closed. In this way, the website and potentially the malice programs will get the minimum of your information. In fact, instead of using the Incognito, you can also choose to turn of cookies in the browser settings for Chrome and other browsers such as Microsoft Edge, which will achieve a similar effect as the Incognito.

However, as stated on the Incognito page, “going incognito doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit”. The Incognito is not a magical cloak with which you can hide completely from the Internet, as when you are visiting a website, there will still be traces at the server side, and your computer system will also record certain information even if the cookies are not stored in the browser. So stay vigilant while using the Internet, even if you are using the Incognito!

If you want to explore more about how the sessions and cookies work, or know how to protect your privacy, kindly visit this Lynda tutorial