It can't be a bug. I can't think that the designers when implementing a privacy mode would think, oh let's store all of that in the primary cache or let's store the history there. Unless Microsoft employs some complete idiots.
Probably more that they never intended this mode to be secure.
On the other hand, a lot of users only expect that their loved ones cannot access their porn browsing history — this is the common user story for privacy mode. If this feature was designed from that perspective, rather than a leave-no-trace-behind philosophy, this kind of behaviour is entirely plausible.
Not that I would recommend a Microsoft browser when you want privacy; or their OS for that matter.
I am not suggesting Edge does a good job, just that it was probably not intended to do a good job.
...like many other Windows 10 features. Like someone in Redmond thinking: oh let's have two control panels for several years and progressively move stuff from one to the other so that users can never become familiar with our UI!
Is that what Chrome does? It seems like it has an in-memory session that stays intact unless all incognito windows are closed. When I log in somewhere, close all but one incognito tab and then navigate to that website again, my cookies are still there.
Also let's hope they aren't sending different headers like DNT etc. when in private mode, which would make fingerprinting a lot easier.
Yes, but it's shared between different sites within your "incognito" session. Open an incognito window, log in to Google, then go to some other place, and your Google login information is seen by that site.
What do you mean by "your Google login information is seen by that site" because I can't think of anything it could correctly mean, even in non-incognito mode.
Or log in to Gmail. Open another tab to read Hacker News, not logging in. Close your incognito Gmail tab. Read HN. Forget that you ever were in Gmail. Then leave HN and go to some other, completely different website that allows Google login. You'll get in there without another Google login; the incognito session remembers you.
You could make an argument whether you want one session per tab or one per window, but yes. Sharing state between "incognito" instances is both counterintuitive and potentially harmful.
I think the current approach is that there is just one regular and one incognito instance. So as long as any incognito tab is alive, your session is potentially alive as well.
This allows us to move tabs across windows. How would we do that with one session per tab or per window? Also, what happens when the user opens a link in a new incognito window?
But it does seem to be shared between all incognito tabs in all incognito windows (including in further new incognito windows) until you close all incognito tabs/windows. This is not necessarily what users expect. New incognito window should mean NEW && INCOGNITO!
It can handle a single incognito session per profile. If you start another one from a window belonging to a different profile, you'll get a different session. (And you can tell them apart because they copy some of the theming and appearance settings from the profile they were created from.)
Why are you assuming the control flow works like that? I'd bet it works exactly the opposite way: there is a "normal" code path, and private mode is a flag that disables certain things.