Surfing the web in Privacy Mode is not secure anymore
You may think that browsing in incognito mode is a secure way to privately surf the net
If you are surfing the internet and switch to privacy mode in your browser to ensure that are safely going through a website, think again. Incognito mode or Privacy mode is used when one wants to browse through websites securely, without the browser being able to track you back.
When you surf through a website, the web server saves a set of cookies on your computer’s browser. These cookies are messages that are used to track your browsing behaviour and habits. When you visit the same website again, the server tracks the fingerprints from the cookies to serve you content accordingly and also keep a tab on them. The difference in incognito mode or privacy mode is that the web server or website does not get access to these cookies, and thus cannot track you.
ReadWrite informs that Sam Greenhalgh, a technology and software consultant, has developed a proof of concept for HSTS Super Cookies. HSTS (HTTP Strict Transport Security) is a security protocol that ensures users only interact with a website via a secure HTTPS connection. HSTS Super Cookies, developed by Sam can fingerprint cookies even if he or she is surfing in privacy mode. In order to show the concept, and that he has the capability to do it, his own website can set tracking IDs for each user who visits it. This tracking ID is what makes the user vulnerable.
Sam also stated that only one browser is presently invulnerable to HSTS Super Cookies, and that is Firefox version 34.0.5. He also mentioned that Internet Explorer is also not vulnerable because it does not support HSTS security in the first place.