We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

How to ensure Privacy Settings are honored...or is there a cached web content loophole?

  • 2 trả lời
  • 1 gặp vấn đề này
  • 1 lượt xem
  • Trả lời mới nhất được viết bởi cor-el

more options

I've noticed that searches retain information about my previous searches after I close the browser; 'Delete cookies and site data when Firefox is closed' setting is selected. My tests seem to point to a security loophole with Cached Web Content.

Question: how can I ensure privacy settings are honored, or, if there is a loophole, how can I get Firefox to also clear Cached Web Content on close?

In my repeated test cases, I used bing to search for '5/8 irrigation kit', then closed the browser and reopened. Cookies and site data show 0 bytes (see attached images), Cached Web Content show something greater than 0.

Next, I go to bing.com/news, scroll through stories, and see an advert for an irrigation kit as one of the sponsored adverts.

As a further test after the original search, I try the following to see if I was being track another way, with the same resulting sponsored advert showing:

  • Restarted laptop
  • Restarted ONT (to get a new IP) and wifi

The following 2 scenarios seemed to resolve the issue after the original search and seeing the same resulting sponsored advert:

  • Turned on VPN
  • Cleared Cached Web Content

Clearing Cached Web Content seems to be the solution, and a possible privacy loophole. Cached Web Content is not part of the auto-delete-at-close feature.

Oddly, I haven't been able to consistently replicate the above starting with the VPN on and having it on through the tests. It sometimes shows the same resulting sponsored advert, and sometimes not.

I tried to replicate this with Safari. It's auto-delete feature at close and similar privacy setting seems to work according to what I would expect with the same test scenario; which is, no previous search-informed sponsored advert.

Details:

  • Firefox 76.0.1 (64-bit)
  • Firefox privacy settings shown in attached images
  • MacBook Air 2019
  • macOS Catalina Version 10.15.4
  • Verizon Fios
I've noticed that searches retain information about my previous searches after I close the browser; 'Delete cookies and site data when Firefox is closed' setting is selected. My tests seem to point to a security loophole with Cached Web Content. Question: how can I ensure privacy settings are honored, or, if there is a loophole, how can I get Firefox to also clear Cached Web Content on close? In my repeated test cases, I used bing to search for '5/8 irrigation kit', then closed the browser and reopened. Cookies and site data show 0 bytes (see attached images), Cached Web Content show something greater than 0. Next, I go to bing.com/news, scroll through stories, and see an advert for an irrigation kit as one of the sponsored adverts. As a further test after the original search, I try the following to see if I was being track another way, with the same resulting sponsored advert showing: * Restarted laptop * Restarted ONT (to get a new IP) and wifi The following 2 scenarios seemed to resolve the issue after the original search and seeing the same resulting sponsored advert: * Turned on VPN * Cleared Cached Web Content Clearing Cached Web Content seems to be the solution, and a possible privacy loophole. Cached Web Content is not part of the auto-delete-at-close feature. Oddly, I haven't been able to consistently replicate the above starting with the VPN on and having it on through the tests. It sometimes shows the same resulting sponsored advert, and sometimes not. I tried to replicate this with Safari. It's auto-delete feature at close and similar privacy setting seems to work according to what I would expect with the same test scenario; which is, no previous search-informed sponsored advert. Details: * Firefox 76.0.1 (64-bit) * Firefox privacy settings shown in attached images * MacBook Air 2019 * macOS Catalina Version 10.15.4 * Verizon Fios
Đính kèm ảnh chụp màn hình

Tất cả các câu trả lời (2)

more options

You can clear other data via "Clear history when Firefox closes".

"Delete cookies and site data when Firefox is closed" should be used to clear cookies if you want to keep cookies with an allow exception because using "Clear history when Firefox closes" to clear cookies removes all cookies.

more options

The second screenshot suggests that you use permanent Private Browsing mode (Always use Private Browsing mode; Never Remember History) and that means that you can't remove data that was stored in a regular session.
Data from a PB mode sessions is kept in memory and thus purged automatically, but you can't affect data stored in a regular (non PB) session.