this post was submitted on 09 Oct 2023
41 points (91.8% liked)

Privacy

31939 readers
675 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I am using Mozilla Firefox as my web browser. I have configured it to clear cookies, active logins, form & search history, and offline website data when I close Firefox. Should I also configure it to clear the cache? What are the privacy implications if I don't clear the cache?

EDIT: additional information:

  • My goal is to reduce fingerprinting and tracking by websites.
  • I use Mozilla Firefox on my personal laptop that almost never leaves my residence. The laptop has full disk encryption. I am the only user of the laptop.
  • I don’t erase my web browser history. I want to keep browser history for my future reference.
all 19 comments
sorted by: hot top controversial new old
[–] [email protected] 13 points 1 year ago* (last edited 1 year ago) (3 children)

If you don't clear the cache, somebody could forensically examine your hard drive, and infer what websites you've been to.

The tricky thing is, even if you clear the cache on exit, the files still exist on the hard drive or SSD. And still can be recovered forensically. It's better to not write them at all to disk if you're worried about privacy

If you want to browser that doesn't store anything on disc, look at the tor foundation browser, or the mullvad browser. Both code bases do everything they can to prevent things from being written to disk even temporarily.

[–] [email protected] 24 points 1 year ago (3 children)

This is why I drill my drives everytime I shut down my computer /s

[–] [email protected] 9 points 1 year ago

Ah, the famous hard reset

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Expensive practice:) I've worked for corporations that require all data storage to be destroyed when the computer is retired or resold. So the drives get stripped out, sent to a company that certifies that the drives are completely destroyed. Because of this exact reason.

I think I've even seen the iron mountain data destruction truck parked outside. They just destroy the hard drives on site even. It's great

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Yeah the school district I worked for did this too

[–] [email protected] 4 points 1 year ago

Are you even taking privacy seriously if you don't use thermite every time you close a browser tab to erase all evidence?

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

That's why you use a TMP drive for cache, a ram disk or on Linux store cache in tmpfs.

[–] [email protected] 0 points 1 year ago

It you can also use librewolf

[–] [email protected] 7 points 1 year ago (1 children)

You probably want to add to your post what kind of device in what kind of environment we are talking about.

Is it a device in your own home where you live alone or something you carry around? Is the device storage encrypted?

What are you worried about? Local access or some sort of data leakage when you revisit a site?

[–] [email protected] 2 points 1 year ago

Thank you for the feedback. I have added additional information to the original post. I hope that the additional information answers all your questions.

[–] [email protected] 5 points 1 year ago (1 children)

Is this really necessary since if it is your own device

[–] [email protected] 2 points 1 year ago (1 children)

Yes, because caches willl change the way your browser sends requests, and this can be used to fingerprint you

[–] [email protected] 1 points 1 year ago (1 children)

Do I have to clear history too? Or just cookies and site data is fine?

[–] [email protected] 1 points 1 year ago

Personally I shred the profile directory after every use.

Or use a QubrsOS DispVM, so the entire VM is destroyed after every use.

[–] [email protected] 2 points 1 year ago (1 children)

Let's look at this from an even more practical use case. The cache can become very large. To the point of it interfere with loading other programs and even itself. You absolutely should clear it even if you don't care a privacy because the benefits are minimal

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

Most of the time, the cache is limited in space. Unless you need the 1-1.5gB of space, it won't affect much.

[–] [email protected] 1 points 1 year ago

Try librewolf

[–] [email protected] 1 points 1 year ago

In my opinion there attack surface about cache of browser which can lead to privacy leak https://portswigger.net/web-security/web-cache-poisoning