- Andrew Yang upset porn fans with his criticism of Bing Tuesday 10:34 PM
- Kamala Harris really wants Trump kicked off Twitter Tuesday 10:22 PM
- Bernie Sanders jokes he didn’t use medical marijuana before tonight’s debate Tuesday 9:47 PM
- Tulsi Gabbard says she’s not a Russian asset—which is just what a Russian asset would say Tuesday 9:20 PM
- Warren says she doesn’t have a ‘beef with billionaires’ Tuesday 8:59 PM
- Andrew Yang’s Universal Basic Income plan gets support from other candidates Tuesday 8:40 PM
- Christmas creep is real, and it’s all over Tom Steyer’s neck Tuesday 8:05 PM
- Stans are using pictures of Beyoncé to catfish sugar daddies Tuesday 7:18 PM
- Wait, who the heck is Tom Steyer? Tuesday 7:17 PM
- Teacher caught on video in racist rant put on leave without pay Tuesday 5:44 PM
- Pornhub pulls Girls Do Porn videos amid sex trafficking charges Tuesday 4:49 PM
- Gina Rodriguez sings N-word on Instagram story Tuesday 4:41 PM
- Trump Jr. mocked for Hunter Biden tweet about profiting from dad’s name Tuesday 3:58 PM
- All the holiday movies and shows coming to Netflix in 2019 Tuesday 3:48 PM
- Smoke ’em, pass ’em Week 7: The QB blues Tuesday 3:29 PM
Top Google exec mistakenly suggests Chrome’s incognito mode can foil the NSA
Between foreign hackers and the National Security Agency (NSA), how is an innocent Internet user supposed to browse the web free of government surveillance?
Except that’s wrong—completely, absolutely wrong. The casual and ill-informed suggestion, delivered from the highest levels of the company responsible for Chrome, is dangerous to anyone looking for real security advice.
Incognito mode does not protect users from surveillance. Schmidt’s statement was so blatantly incorrect that a member of the Google Chrome security team—i.e., one of Schmidt’s own employees—could only respond with a very exasperated facepalm.
Schmidt’s comments came during an interview at the Cato Institute in Washington D.C. He was asked if Google received detailed information from Chrome users that other browsers do not receive and, if it did, whether there was a danger that federal authorities would track said data.
“If you’re concerned, for whatever reason, you do not wish to be tracked by federal and state authorities, my strong recommendation is to use incognito mode, and that’s what people do,” Schmidt explained.
So what’s the problem here? Incognito mode is designed for—and serves—a completely different kind of privacy protection than the one Schmidt implied.
Repeat after me: Your web browser’s incognito mode is for porn and paywalls, not to hide from government surveillance.
— Christopher Soghoian (@csoghoian) December 16, 2014
Incognito mode deletes Chrome’s browsing history and other detritus that help track users around the Web. Chrome users who deploy incognito mode can, for example, prevent other people who access their computer from seeing their search history. Importantly, this deletion of local history logs does not at all affect external entities’ access to said history. ISPs can still see the traffic going back and forth between customers’ machines and their servers.
In other words, Schmidt’s comments suggest that he has never even opened incognito mode himself. If he had, he’d have seen this warning message.
Screengrab by author
Anyone who is concerned about snooping by federal authorities—the scenario in Schmidt’s example—will not find solace in incognito mode. Using incognito mode does not prevent IP address logging or online-behavior tracking, as the warning above makes clear.
Schmidt is, at least initially, referring specifically to incognito mode’s ability in regard to Google’s own data collection rather than in regard to government surveillance. However, he does go on to vastly overstate incognito modes overall abilities when he says it will help stop government tracking.
What Schmidt should have said was something like this: Use incognito mode if you don’t want your spouse to see the porn you look at and Tor if you don’t want the government looking over your virtual shoulder.
Editor’s note: This story was updated Dec. 18 for clarity.
Illustration via Fernando Alfonso III
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.