Private browsing, eh? No, not so much… [FlushCache]

Pop Quiz: when is 'private browsing' not so private?

Answer: When your operating system caches your DNS lookups even after they are removed from your local browser cache.

If you have a Mac (presumptuous of me to assume, I know), try this interesting little experiment. Turn on 'private browsing' in your favorite browser - Safari, FireFox, Opera - whatever. Now, browse around a bit...hit a few dozens sites, click through some pages. Now, close the browser and if prompted tell it to 'clean' your browser. All well and good, right?

Wrong.

Open Terminal (or your favorite equivalent - I like iTerm). Type (or paste, probably easier) the following line, then hit 'enter':

dscacheutil -cachedump -entries Host

Notice the dozens of addresses and urls dumped to the screen? That, my friends, is your DNS cache. It lets anyone with access to your system see exactly where you've been and, even more fun, it shows where traffic sent by third party apps such as backup, upload apps, peer-to-peer and other services are going.

While this is likely not nefarious in any way, it should be noted that anyone who is attempting to maintain at least a modicum of security or privacy on their systems will find this to be a harrowing concept.

As such, here are a few suggestions as to how to remedy the situation:

  • On occasion, pop into the terminal and type/paste: dscacheutil -flushcache
  • Consider putting that into your cron so it is performed automatigally
  • Write a tiny little script to do it for you using your favorite language
  • or download this compiled Applescript that I made. It comes with Growl support...my recommended usage is to trigger QuickSilver, then a split second later get a Growl popup letting you know that the cache is clear.

flushcache.png
Sure, it's not exactly NSA level security we're talking about here, but if you're on a shared computer or are just slightly paranoid, it's something you don't want to ignore.
If you have any comments, leave them below - or even better, share your favorite tips for securing your system. You can also Tweet them to us by clicking here.

Post Data

Related Posts

  • MaggieSSS
    When you logout of your MAC (shut it down) is this DNS cache cleared too so you don't have to open a terminal and use the above commands?
blog comments powered by Disqus