BrowsersOpen SourceRegulationSecuritySoftwareSurveillance-ITWorkspace

Mozilla Fixes Firefox 15 Private Browsing Bug

Tom Brewster is TechWeek Europe’s Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Firefox Private Browsing wasn’t so private, but a fix has been issued

Mozilla has issued a hurried fix to an embarrassing flaw in the recently-launched Firefox 15 browser.  Firefox 15 could have exposed the activity of those using its Private Browsing mode – a problem fixed in the new release, version 15.0.1.

When using  Firefox Private Browsing, information on website visits is not supposed to be stored on the user’s disk. Neither are cookies, passwords or other cached Web content.

Give us your cache

Yet a flaw stored this information on the user’s disk cache, rather than in the browser’s memory cache, which clears on the end of a web session. That meant that anyone who could view a user’s cache outside of Private Browsing would be able to see what they had been up to.

It’s possible to view what’s in a cache with various add-ons. The user who brought the issue to light, on the Bugzilla site, used the CacheViewer tool.

The bug has now been addressed in Firefox 15.0.1, which can be downloaded from here. To work out how to clear the Firefox cache manually, head to the Firefox help page here.

The flaw will upset Mozilla, which has prided itself on the security and privacy features of its browser. The open source company has been one of the chief backers of the Do Not Track option, introducing the feature in February last year.

Firefox 15 also has creditable speed, as revealed in our performance tests.

Are you a Firefox fan? Try our quiz!