Everytime this is reposted in a new template I remind everyone that no one is using incognito mode to hide from their ISP they are using it to hide from their spouse or partner.
I also use private mode for searching things that I myself would be appalled to find in my own search history.
That’s pretty advanced usage - hiding stuff from yourself.
I produce a podcast that gets us into some twisted corners of the internet. Especially when I fact check things for the other hosts. Mullvad + proton VPN always up, no question.
Or occasionally just when I’m looking up something stupid and don’t want to see advertisements for the next two weeks for it.
I mainly use it for random things that I don’t want to influence my recommendations, like clickbait YouTube videos.
Beyond that it’s legitimately useful for logging into a second account on a site or for various testing purposes as a web developer. Though if you’re consistently using it for the former, containers are a better solution.
Also useful for testing links that might only work if signed in.
For instance, if I share a link to a OneDrive file, will it force the receiver to sign up with Microsoft before they can view the file.
Eh, or they just don’t want a forever history stored on their own computer any more than they want it stored on someone else’s computer.
…and so that typing in a url doesn’t automatically auto fill with a site you’d rather not let anyone else see.
That’s an option you can disable, no need for incognito
Yes, but I want auto fill turned on for some websites because they go straight to the section that I want instead of navigating through the site every time.
I don’t need the obvious URL’s popping up whenever I start typing. I’m just one fat finger away from a bad mistake and subsequent loud sounds on my studio speakers when anyone could be around if I don’t do that.
It’s best to keep that stuff separated out to spare yourself some incredibly avoidable embarrassing moments.
i use private windows mainly so i don’t clutter up browser histories with useless stuff i won’t go back to (if i do run across something to save, it gets bookmarked or printed to pdf).
Yeah thats why I use Firefox Focus on mobile. It has no feature to save history. I use normal Firefox in case I want to save history or login permanently
I mainly use it so my wife doesn’t see the stupid crap I look up
No doubt. Whoever’s making these memes obviously wasn’t around when Incognito/Private browsing was introduced. It was never advertised as hiding anything from your ISP.
Not even to hide anything from anyone, but to not have porn pop up in suggestions when casually browsing internet.
I do this on both phone and computer, that my wife doesn’t even know password to (or care about)
It’s for wanking. That’s it. It only ever goes to pornhub
I’m in my thirties, single for years and occasionally make sexual jokes. People know I fap. Everyone faps (huh, could be the title for an educational children’s book…), I don’t hide my browser history. Other question is who from? I live alone.
I’ve always been used to browser clearing everything on exit. On my phone I set Firefox focus as the default browser so whenever I search anything I just dump it after
I use private mode for a whole bunch of stuff, visiting shopping sites i dont want coming up in targeted ads, watching youtube videos that are out of my usual jam and not wanting to get endless suggestions for crap im not into because i wanted to see a plumbing repair how-to or listen to a song wildly out of my usual genres because i was in the mood.
Because different accounts are not possible on every OS, right?
Browser profiles serve very different needs from OS level accounts.
Yes, they do. I use 4 different browser profiles for various things. But everyone who uses my computer while I cannot control what they do, gets their own user account or can use a guest account.
My brother in Christ, you are literally giving an example of how browser profiles and OS accounts solve different problems.
I use it for Xmas shopping and for when I don’t want a site to auto login with any of my sessions.
Firefox containers
Put all your accounts in different containers and just open the page outside of them (also great for multilogging and not being cookie tracked)
That’s great for sites you visit routinely but way more hassle than it’s worth for one-off visits.
The ISP can see every domain, but not every page. That’s what HTTPS everywhere was all about.
And hopefully in the future they won’t even he able to see the domain. I wonder why they never considered giving out certificates for IPs to solve this problem. Seemed like the easiest solution to me.
They need the IP address to know where to forward the packet to. Hard to avoid that without VPN or TOR.
It doesn’t really help. The ISP needs to route you somewhere to get the data, so they’ll need to know who you want to talk to. Even if they don’t see the DNS name (like if you used a third party DNS server) they can still associate the IP address with someone.
There’s things like TOR and VPNs that can route your information through other third parties first, but that impacts performance pretty significantly.
Yeah, but often enough multiple sites share a single IP. It would already be better if the ISP (and everyone in between) didn’t know whether I wanted pink-fluffy-unicorns.com or hardcore-midget-bdsm.com.
Depending on where you’re going even IP addresses are getting to the point that they aren’t helpful. IP addresses are likely to belong to a cloud provider, and unless they are hosting email or a service that requires a reverse record, all you’d get is the cloud provider’s information.
SNI says no.
ECH/ESNI says yes
Yeah, that’s what I meant originally. But I still don’t know how to enable that in my Apache. My Google-Fu isn’t good enough. All I see is ads for CDNs and conflicting information about whether it’s supported in Apache or not.
They can see the entire URL, not just the domain. They just can’t see the contents themselves. But they can still see “dudesfuckingfurniture.com/gettingfreakywithadresser.mpeg”
Edit: I might be wrong
Are you sure? The file path after the domain would not be necessary for an ISP to see, only the domain. I’m not sure how all that works, but it’s definitely not a technical requirement thay they can see the complete URL.
After more research, you might be right. I could have sworn I saw full URLs in my router logs on encrypted sites though. I’ll have to check again.
It’s actually more secure than that.
https://blog.mozilla.org/en/products/firefox/https-protect/
They’d see the URL, but not the specific page.
They’d also theoretically see the size of the URL, and the size of the page, along with the transport type. So they can infer a lot of information from the exchange, but they couldn’t say for sure what you were viewing on a specific website.
When it comes to HTTPS, this is just plain wrong on a technical level.
Yeah, I corrected myself.
I’m not sure if that’s a real website. I’m not checking.
Narrator : Vej definitely did in fact check.
Fuck no I ain’t
As always on the Internet, rule 34 applies.
Lol plz no
The example link doesn’t work :'(
I was ready to go down a rabbit hole there
The one word more people need to know about: threatmodel
So you think people should assume they have absolute privacy because of the word “incognito”?
The joke says the opposite. He’s not hidden at all.
Encrypted DNS anyone? (NextDNS for example)
That solves a completely different problem. The ISP can still see who you requested data from.
That’s more about security around retrieving the correct IP address from a DNS query, and doesn’t do that much for privacy.
DoT also encrypts the request, so the ISP cannot spy on the Domain Name you have requested.
And thanks to Https the ISP only sees the IP address which cannot in every case be resolved to a unique Domain, especially large sites that are hosted on service providers like Cloudflare, amazon etc etc
But what’s not encrypted by either is the Server Name Indicator or SNI, ie: the initial request to a webserver stating which host you’re trying to reach at that IP, before establishing the TLS connection, contains the domain you’d requested via DoH/DoT, in plaintext.
encrypted SNI is a thing now.
True. Known as Encrypted Client Hello now, as part of TLS1.3.
It seems many more browsers support it than last I’d looked. I’m curious to see how much of the general web has adopted support for it onnthe server side. I’ll have to look into that more, and see what it’ll take to setup for self-hosting.
https://www.cloudflare.com/learning/dns/dns-over-tls/
If I understand it correctly DoH (which I use with NextDNS) should prevent ISP from snooping.
It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you’ve retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.
That is correct. HSTS helps to some degree but the very first request is still unprotected.
Its true for every browser except Tor.
…secure DNS and https everywhere…says otherwise…
I always thought private browsing was just so all the porn content doesn’t stay in search history’s and the address bar doesn’t auto fill fatasshonkeybabes.com if my grandmother sits down to look at her Facebooks.
That is exactly what it is.
Also VPNs see everything you do, but please, again, enlighten me how paying some OTHER corporation somehow better protects me from corporations?
A VPN isn’t magically solving all privacy and security issues. Personally, I would trust Mullvad, Proton and IVPN with my data over my ISP. They’ve been audited, and they’ve been put to test multiple times, and not been able to give away data. But it all really boils down to personal needs, and each to their own on that. If you don’t want a VPN, then don’t buy into one.
Set https everywhere. Use secure DNS servers. Install TOR along with all that. Tell me how your VPN provider can “see everything you do” with many layers of encryption, decentralization, and propagation of your data?
