Bit9


Enterprise Application Whitelisting

IE 8.0: Wonders of Porn

Posted by Mario Vuksan on Sun, Aug 31, 2008
Microsoft has finally released a public Beta of their next major browser release. IE 8.0, among many other great features, has an "InPrivate" mode, popularly dubbed the "Porn Mode", as if "InPrivate" was not subtle enough. The Irish Times then went a bit further and labeled it the "porn browser". This all recalls the debate over the Heatseek browser from two years ago. Heatseek is an alternate browser built on IE.

Mention of Porn does get people excited. Just Google IE and "porn mode" and you'll find more than 76K pages.

So why do we really need InPrivate mode?

As has been repeated everywhere, it disables page caching, browser history, and the remembering of any session state such as form fields and cookies. Caching has annoyed me in the past. As Internet connections became rather fast, caching became irrelevant. Still, if you did not frequently clear your cache, you were likely to severely fragment your hard drive. Unlike the rest of your file system, each page generates hundreds of small files that take ever more hard disk space, all in small blocks, which in turn clog large contiguous spaces and make the drive go back and forth just to cache a simple web page. Imagine dumping garbage down your drain. It clogs. Hence, if you ever wondered why your machine slows down by simply browsing the Internet, check your fragmentation levels, wipe that cache and defragment your drive. It is no wonder that Firefox offers automatic cache cleanup (the "always clear my private data" feature). If this indeed is your experience, you may want to consider buying Diskeeper.

But there are better reasons

Keeping your cache or browser history has serious implications in Enterprise:

(1) Web Mail Privacy: Do you really want Google Desktop or any other desktop indexing software to be indexing your private mail along with your corporate data? If you don't care about it, you may still want to think twice, as Web mail is protected private mail and your employer should not be intercepting it without a warrant. As soon as it becomes a part of the Google Desktop index, the story changes. Yet if it had not been kept on the disk in the first place, you wouldn't have had the problem.

(2) Custom Web Applications and Proprietary Portals: Every Enterprise has one internal-facing portal or another, tracking customers, partners, IT resources, you name it. As we all take our laptops home, should potentially sensitive data about our businesses and people be easily available for malware to grab? If it is in cache, it is usually in clear text form and hence easily extractable by an outside piece of malicious code. How does that relate to any of the HIPAA regulations? Think medical records, pharma trial results.

(3) Browser cache-based malware will need to work harder to infect your system, as it will not be written to the disk by default. We could hence expect better protection from our anti-malware suites, as there will be fewer things to scan and better heuristics for catching rogue buffer overflow attacks that are forcing their way onto disk.

Yes, porn will squeeze by too. Cheapening the discussion to simply a "porn mode" does make Microsoft sexier, something from which Microsoft could always benefit, but it doesn't do much to help us refine our security postures and do things better.

Yet the concerns raised are valid as well. Without a web cache, it will be more difficult to pinpoint a certain crime to a location and time. Did you surf that web site? Not everybody has implemented a DLP solution like Vontu, Vericept or Tablus. Web cache, and for that matter any HD analysis that you can imagine, was a treasure trove for forensics professionals in the past. It may be less so in the future.

That is all to change. Forensics will require new tools and new solutions. So in a tug of war, we fix some security scenarios which surely break other security solutions that worked around them, knowing full well that what was working before shouldn't have been working in the first place.

COMMENTS

You probably get tons of hits with this article's permalink here. :) You should have spelled out Internet Explorer instead of IE 8 too... :)

posted @ Wednesday, October 01, 2008 10:03 PM by r00tyfruit

