- You can now buy that viral game about an annoying goose 5 Years Ago
- Bill de Blasio was still running for president, but now he’s not 5 Years Ago
- How to stream Panthers vs. Cardinals in Week 3 5 Years Ago
- ‘American Dreamer’ is a frustratingly basic crime thriller starring Jim Gaffigan Today 7:00 AM
- ‘Smallville’ star Tom Welling will play Superman once again Today 6:43 AM
- How old is Beto O’Rourke? Today 6:30 AM
- How to stream Chiefs vs. Ravens in NFL Week 3 action Today 6:08 AM
- How to stream Saints vs. Seahawks in NFL Week 3 action Today 5:46 AM
- Reddit Relationships: Man laughs at girlfriend for using Microsoft PowerPoint during sex Thursday 8:59 PM
- The 15 Brad Pitt movies you need to see now, ranked Thursday 8:26 PM
- Facebook could face legal action over the Area 51 event Thursday 6:50 PM
- How to stream Texans vs. Chargers in NFL Week 3 action Thursday 6:40 PM
- Tekashi 69 alleges Cardi B was a Bloods gang member Thursday 5:55 PM
- Right-wing sites falsely claimed group of Somalis attacked man in viral video Thursday 5:00 PM
- Big creators risk losing checkmarks amid YouTube verification purge Thursday 4:56 PM
Top Google exec mistakenly suggests Chrome’s incognito mode can foil the NSA
Between foreign hackers and the National Security Agency (NSA), how is an innocent Internet user supposed to browse the web free of government surveillance?
Except that’s wrong—completely, absolutely wrong. The casual and ill-informed suggestion, delivered from the highest levels of the company responsible for Chrome, is dangerous to anyone looking for real security advice.
Incognito mode does not protect users from surveillance. Schmidt’s statement was so blatantly incorrect that a member of the Google Chrome security team—i.e., one of Schmidt’s own employees—could only respond with a very exasperated facepalm.
Schmidt’s comments came during an interview at the Cato Institute in Washington D.C. He was asked if Google received detailed information from Chrome users that other browsers do not receive and, if it did, whether there was a danger that federal authorities would track said data.
“If you’re concerned, for whatever reason, you do not wish to be tracked by federal and state authorities, my strong recommendation is to use incognito mode, and that’s what people do,” Schmidt explained.
So what’s the problem here? Incognito mode is designed for—and serves—a completely different kind of privacy protection than the one Schmidt implied.
Repeat after me: Your web browser’s incognito mode is for porn and paywalls, not to hide from government surveillance.
— Christopher Soghoian (@csoghoian) December 16, 2014
Incognito mode deletes Chrome’s browsing history and other detritus that help track users around the Web. Chrome users who deploy incognito mode can, for example, prevent other people who access their computer from seeing their search history. Importantly, this deletion of local history logs does not at all affect external entities’ access to said history. ISPs can still see the traffic going back and forth between customers’ machines and their servers.
In other words, Schmidt’s comments suggest that he has never even opened incognito mode himself. If he had, he’d have seen this warning message.
Screengrab by author
Anyone who is concerned about snooping by federal authorities—the scenario in Schmidt’s example—will not find solace in incognito mode. Using incognito mode does not prevent IP address logging or online-behavior tracking, as the warning above makes clear.
Schmidt is, at least initially, referring specifically to incognito mode’s ability in regard to Google’s own data collection rather than in regard to government surveillance. However, he does go on to vastly overstate incognito modes overall abilities when he says it will help stop government tracking.
What Schmidt should have said was something like this: Use incognito mode if you don’t want your spouse to see the porn you look at and Tor if you don’t want the government looking over your virtual shoulder.
Editor’s note: This story was updated Dec. 18 for clarity.
Illustration via Fernando Alfonso III
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.