Google Chrome on iOS flaw reveals Incognito mode private search history

Google Chrome’s Incognito mode promises a completely private browsing experience, which means it doesn’t store your history, doesn’t keep a track of your logins and doesn’t remember your searches. But Chrome for iOS, due to the way it’s implemented, will retain your search history on google.com, and possibly on other websites too.

The flaw in the incognito mode was demoed by design firm Parallax, but contrary to what is being said, it wasn’t introduced in today’s Chrome update. You can replicate it by following these steps:

  • Switch to Incognito mode in Chrome by opening a new Incognito tab on your iPhone or iPad
  • Type something in the Incognito tab’s Omnibar you haven’t searched for before
  • Open a normal (non-Incognito) tab and head to google.com
  • Tap in the search bar and you should see the term you “privately” searched

The flaw isn’t a result of Google’s poor implementation of Incognito mode on iOS, but is instead a consequence of Apple’s strict restrictions that prevent developers from including their own web browsing engine. Google in fact states this in its support docs:

On Chrome for iOS, due to platform limitation regular and incognito* tabs share HTML5 local storage, which is typically used by sites to store files on your device (client-side caching) or to provide offline functionality. This means the same sites can always access their data in this storage in both regular and incognito* tabs. Incognito* tabs will still keep browsing history and cookies separate from regular tabs, which are cleared once those tabs are closed.

Of course not all users might realise this, which is why it is important to highlight that Chrome’s Incognito mode on iOS isn’t as private as its desktop counterpart. So if you do want to browse the web privately, you can use Safari’s private browsing mode which doesn’t suffer from this flaw.

[via TechCrunch]