Maintaining, Mandating, and Mitigating Privacy in Internet Explorer 8
Internet Explorer 8 has introduced a variety of new security enhancements which allow for a more secure browsing experience. These features are effective and flexible, so they can be used in several different operating environments. In this article I am going to take you through the new features of Internet Explorer 8 and how we can configure them for different scenarios.
We will start by trading places with a consultant who wants to make sure that when he uses the Internet at clients' sites, he does not leave any tracks. After that, we will get into the mind of a school network administrator who wants to make sure his students cannot browse inappropriate content privately while using school computers. Finally, I will discuss the InPrivate Filtering feature of IE8.
Understanding Internet Explorer Privacy
Before we begin talking about how to browse privately, it is crucial to understand how Internet Explorer stores information about our browsing habits.
First and foremost, if you are concerned about how much of a footprint is left on a computer when you browse the Internet under a default IE configuration, then that concern is well justified. Someone with an interest in your browsing history, cookies, and session data needs only to know where to look. Using this type of data, an attacker could potentially steal passwords, hijack browsing sessions, and extract all sorts of personal information.
Here are a couple of places where these types of data are commonly stored (thanks to Adrian "Irongeek" Crenshaw and Nir for the compilation):
Internet Explorer Temp Folder (Cache)
C:\Users\<user name>\AppData\Local\Microsoft\Windows\Temporary Internet Files
IE Typed URLs
IE Forms AutoComplete
IE Password AutoComplete
Of course, these things can all be cleared by simply going to Tools, then Internet Options, and pressing the Delete button. However, even allowing IE to store these things in the first place is a bit of a concern, and we cannot always count on employees to cover their tracks when there might be an operational security concern.
In our first scenario we will take the role of Steve, a financial consultant who spends the majority of his time on the road visiting clients. During these trips he spends weeks at a time on sites with clients going over their finances and auditing their books. Steve has his own laptop but he often finds himself migrating from department to department examining budgets and assets and all things financial. Toting his laptop around all day is not too feasible, and so, Steve ends up hopping on a spare terminal on random occasions to check his e-mail, read some news, and make sure he is not missing out on any Facebook gossip.
What Steve may not be aware of is that by using his cookies and session information, someone can get access to all his private information quite easily. This is where IE8's InPrivate browsing feature comes in handy. If you are using a computer borrowed from a friend, one in a public place, or anywhere else you do not want people to see what you have been looking at, then InPrivate browsing is your solution.
Microsoft makes the use of InPrivate browsing fairly simple. In order to access it, simply press the key combination Ctrl+Shift+P from within IE8 and you will be presented with an InPrivate browsing window.
In this mode the following things take place:
No cookies are stored
History is not recorded
Temporary Internet files will be deleted when the InPrivate browsing window is closed
Form data is not stored
Passwords are not stored
Typed URLs are not stored
Search queries are not stored
Visited links are not stored
Given this information, Steve can begin using InPrivate browsing as he hops terminals at his client site. As soon as he closes the browser window, all records of him being there are gone. As an added benefit, he does not have to clear all of the browsing history stored on the computer, so an employee walking back up to their computer will not become suspicious on noticing that all of their browsing history has been removed.
Preventing InPrivate Browsing with Group Policy
In our second scenario we find ourselves in the shoes of the network administrator for a small school district, also named Steve. Now that all of his district's computers have updated to Internet Explorer 8, Steve is concerned that students will begin using InPrivate browsing to access websites that are in violation of the district's Acceptable Use Policy (AUP). Putting myself in the shoes of a high school version of myself... I cannot say I blame him.
Microsoft provides us administrative control over InPrivate browsing through Group Policy. For our purposes here, we want to disable the use of InPrivate browsing. In order to do this we will need to create a new Group Policy Object. In this newly created GPO browse to Computer Configuration, Administrative Templates, Windows Components, Internet Explorer, InPrivate.
There are a couple of options here, but the one we are concerned about is Turn off InPrivate Browsing. Setting this option to Enabled and applying it to the appropriate organizational units will ensure that people cannot use InPrivate browsing to cover their tracks.
Along with InPrivate Browsing, Microsoft has also introduced InPrivate Filtering, which is designed to help give you information about third-party content that attempts to pull information about your web browsing habits.
As an example of this, imagine you browse to www.fakewebsitegoeshere.com. This website contains the following code:
After leaving that website, you browse to www.thiswebsitecouldnotbefaker.com. This website contains the following code:
These are two completely different websites but they both take part in the same third-party service. This means that any time you interact with these two sites or any other site utilizing this *.js script, your activities will be recorded (usually for advertising purposes).
InPrivate Filtering keeps track of these third-party scripts and will automatically block this content from the sites it notices this type of activity from. InPrivate Filtering can be configured from the Safety menu at the top right of your IE 8 window. Going to Safety, then choosing InPrivate Filtering Settings, will allow you to choose to automatically block third-party content, choose content to block or allow, or turn the setting off.
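The tracking heuristic described above, modelled as an added example (this is not Microsoft's code and not code from the original article). The threshold of 2, the stats.tracker.example host and the two-label "site" rule are assumptions chosen for illustration.

```javascript
// Added example: simplified model of third-party tracking detection.
// Simplification: the last two host labels stand in for the "site". A real
// browser would consult the Public Suffix List (e.g. for example.co.uk).
function siteOf(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

// Identify a resource by host and path only, so per-visitor query strings
// (?visitor=1, ?visitor=2) do not split one script into many counters.
function resourceKey(url) {
  const u = new URL(url);
  return u.hostname + u.pathname;
}

class ThirdPartyFilter {
  constructor(threshold) {
    this.threshold = threshold; // assumed value, not IE8's setting
    this.seenOn = new Map();    // resource key -> Set of first-party sites
  }

  // Record one page load; return a decision for each embedded resource.
  visit(pageUrl, resourceUrls) {
    const firstParty = siteOf(pageUrl);
    return resourceUrls.map((res) => {
      if (siteOf(res) === firstParty) {
        return { res, action: 'allow', seenOn: 0 };
      }
      const key = resourceKey(res);
      if (!this.seenOn.has(key)) this.seenOn.set(key, new Set());
      const sites = this.seenOn.get(key).add(firstParty);
      const action = sites.size >= this.threshold ? 'block' : 'allow';
      return { res, action, seenOn: sites.size };
    });
  }
}

// Constructed sample: the article's two sites embedding one shared script.
function demo() {
  const filter = new ThirdPartyFilter(2);
  const tracker = 'http://stats.tracker.example/collect.js';
  const first = filter.visit('http://www.fakewebsitegoeshere.com/', [
    'http://www.fakewebsitegoeshere.com/site.css',
    tracker + '?visitor=1',
  ]);
  const second = filter.visit('http://www.thiswebsitecouldnotbefaker.com/', [
    tracker + '?visitor=2',
  ]);
  return { first, second };
}
```

The shared script is allowed on the first site and blocked on the second, because by then it has been observed on two distinct first-party sites; revisiting the same site does not raise the count.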
There are a couple of functional drawbacks to InPrivate Filtering. As expected, if configured to automatically block, then there is a high probability you will eventually come to a website that does not function properly. Also, it is very easy for users to accidentally enable this functionality, thus experiencing the same problem of certain websites not displaying correctly. There is not a lot that can be done about the first issue other than selectively blocking content, but the second issue can be mitigated by using Group Policy to disable the use of InPrivate Filtering. This GPO setting is called Turn off InPrivate Filtering and can also be found at Computer Configuration, Administrative Templates, Windows Components, Internet Explorer, InPrivate.
In this article we have covered the basics of where Internet Explorer 8 stores information and how to prevent that information from being stored with InPrivate browsing. We have also covered InPrivate Filtering and how it can prevent third-party scripts from accessing your browsing patterns. In the end, none of these things is a substitute for proper user education on safe browsing practices, but they can help fill the gaps.