The Practical Guide To Mac Security: Part 18, Private Browsing

Hi, this is Gary with MacMost.com. This is Part 18 of my course The Practical Guide to Mac Security. MacMost is brought to you thanks to a great group of supporters. Go to MacMost.com/patreon. There you could read more, join us, and get exclusive content and course discounts.

So during this course I've talked about lots of things that you may not have considered to be part of security like using multiple user accounts, using an uninterrupted power supply, or a backup. Those are in fact very important for security. But there are also somethings on the other side. Some things that may seem like they are very valuable security tools when in fact they are not really. One of those things is private browsing. 

So in Safari, when you have a Safari window open and you're browsing, you have the ability to go to File and then New Private Window as opposed to New Window. Now you may think that opening up a new private window is a fantastic security feature. In fact it's a really good privacy feature but it really doesn't do anything extra for security. So it's important to understand what private browsing is. 

So here in this window, for instance, I am logged in to Twitter. I'm logged into my Twitter account and if I were to go to another browser window and then go to Twitter I would then be logged in to that same account. However, if I were to go and create a New Private Window and then go to Twitter it would act as if I'm not logged in at all. These two windows behave differently. This one, which is a normal window, acts as if I'm logged in and any other window I open up that's a normal window would remember that I'm logged in. But this Private window acts as its own separate thing. Imagine, for instance, that you were using two browsers. You were using, say, Safari and Chrome and you were to log into a website using Safari. When you went over to Chrome you would not expect to be logged into that website. You're using a different browser. So you would have to log in there. 

Private browsing windows work just the same way. This Private Browsing window acts just like a second browser. Like you go to a completely different browser that knows nothing about this browser. What in fact happens is this is an isolated kind of window browser that is separate. It doesn't have anyway to connect to this one. It doesn't know what you're logged into and information can't transfer between these two windows. One of the main things that happen is website data, which is stored locally, also known as cookies, are separate between these two. So if I go to Safari and then Preferences and then look under Privacy and Manage Website Data you'll see all these different websites that have cookies set for them. Now cookies aren't necessarily a bad thing. They can be used for tracking you across sites and that's what advertisers do. But cookies can also be used for useful things. For instance, a classic example is a weather site that you go to and the weather site says, what's your zip code and I'll tell you your weather that's local to you. You enter your zip code and it says, great here's your local weather. The next time you return to that site it instantly just shows you your local weather. It stored that zip code in a cookie locally on your hard drive. So that you don't have to enter in that zip code again. That's a great example of a good use for a cookie. When you set cookies they appear here as website data. 

Now private browsing window sees none of that. The cookies that you see stored in Safari are for your regular windows. A private browsing window opened as if you had no cookies installed. Not only that, but as you go around and store cookies, like for instance if I were to log into a different Twitter account here it would store some cookies saying which account I logged into and maybe some other settings and references. But the cookies would be stored separately for this private browsing window as they would for your regular browsing window. Then to cap that off when I close this private window those cookies that were stored for that Private Browsing Window are now gone. They've vanished. They were erased. It's pretty much like using a guest user account in that way. Kind of like having a guest browser window. 

So one use for this would be that if I wanted to log into two accounts at the same time, something you can pretty easily do on Twitter, but let's say you're on Facebook and you're logged into a Facebook account and then you have another Facebook account, a corporate one that you manage, you could create a new private window. You could log into a separate Facebook account on this window and you would still be logged into your main Facebook account in this window. You wouldn't have to log off and then log on again to switch accounts. These two windows could be separate browsers logged into separate accounts. The only difference being that when you close this one, since it's a private window it erases all of that. So closing the private window now you're disconnected to whatever you logged into. In order to get it back you would have to create a new private window and go back to that site and log in again. So it's very handy for that.

It's also very handy from a privacy standpoint for when you don't want those trackers. So, for instance, say you're thinking of buying a new car. You know that in your main browser window if you were to search for car models that you're probably going to see ads for cars for now until, you know, months and months from now. You're going to get tons of ads for cars. You'd rather not see that. You open up a new private window. Do your search for cars in there. Then, in this private window you're probably going to see lots of ads for cars, but as soon as you close it all those cookies, all those trackers are gone. Now back in your main window you won't see that. It will behave as if you never did those searches for things. 

Private browsing windows are also useful when you do web searches if you're a developer of websites. If I were to do a search here it would recognize a lot of different things about me and maybe customize my search based on what I'm logged into, based on what I've searched before. But a private browsing window would be like a completely new person that's never been on the internet and you would search here and it might give you results more typical of what others could see. 

So private browsing windows have their uses and they are useful as a privacy tool sometimes. But, as a security tool they are not necessarily very useful at all. So keep that in mind. They are good to use if you know what you're doing and you need that. But otherwise, from a security standpoint, you don't really need to use private browsing windows.