So I'm sure most of us are familiar with Index.dat. But for those of you that aren't here is a quick summary. Internet Explorer stores a very heavily protected file in your user profile containing the URL, Date, and Time of every site you've ever visited.
Deleting the History won't remove it and it is impossible to remove from within Windows (because it is locked in use like the kernel).
I've always assumed this was done to assist law enforcement. So the question is when InPrivate is running will IE continue to store the URL, Date, and Time of the site in the Index.dat file? And if the answer is yes doesn't that mean InPrivate is pointless?
-
Follow
Oops, something didn't work.
Sign In to be begin to follow this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in. You need to be signed in to Channel 9 to use this feature.Getting "follow" information
Start following this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in and view them all on your notifications page.Removing your "follow"
Setting up your "follow"
Did you know you can
sign up for email notifications?
-
-
Sven Groot
Don't worry... I'm a doctor.
As I understand it index.dat is tied to the Temporary Internet Files. Since the InPrivate stuff doesn't store files in the TIF, I would assume index.dat also isn't updated. That's just my reasoning though, not an official answer.
-
vesuvius
Count Orlock
I can see where you're going here, and it is a perfectly apt question that I hope Charles, Dan and so forth should make representations to the IE team. No doubt some brilliant niner will ascertain sufficient information that proves or disproves whether private mode actually truely exists.
My feelings are that any company whether it be Microsoft or Apple is under obligation via the law institutions of the Nation, to ensure some level of control is put into place. I think the result will be "we will keep you private from everyone, except ourselves". With the Google Chrome browser, they will be following suit, and any other company (ISP providers being next in queue) that can get you to use their product. -
Yggdrasil
Pour me a cab, 'cause I can't drink no more.
Which Nation would that be? Am I, as an Israeli citizen, bound to the laws of the US? Is Microsoft, which in addition to being an American company is also a registered company in Israel, bound to these laws in every product it provides all over the world?vesuvius said:I can see where you're going here, and it is a perfectly apt question that I hope Charles, Dan and so forth should make representations to the IE team. No doubt some brilliant niner will ascertain sufficient information that proves or disproves whether private mode actually truely exists.
My feelings are that any company whether it be Microsoft or Apple is under obligation via the law institutions of the Nation, to ensure some level of control is put into place. I think the result will be "we will keep you private from everyone, except ourselves". With the Google Chrome browser, they will be following suit, and any other company (ISP providers being next in queue) that can get you to use their product.
And I don't think Google is keeping track of your browsing history in case National Security needs it. -
evildictaitor
Devil's advocate
If by heavilly protected you mean hidden, compressed, readonly, system and archive flags are set, then I'll concede your point. If you mean protected as in encrypted in any way, shape or form then you'd be wrong.
-
vesuvius
Count Orlock
Yggdrasil said:
Which Nation would that be? Am I, as an Israeli citizen, bound to the laws of the US? Is Microsoft, which in addition to being an American company is also a registered company in Israel, bound to these laws in every product it provides all over the world?vesuvius said:*snip*
And I don't think Google is keeping track of your browsing history in case National Security needs it.That's an even more difficult question to answer that ought to be put to the IE team. It is an invisible factor included in buying and using Windows technology.
I watched the GNU/Video and that has some resonance, as the arguments against IE and Windows "sandboxing" or "blackboxing" segments of the OS simply are not there with GNU. All you need is an open source non recording web search facility.
Yesterday my heart sank when a priest was found guilty of child porn. The notable point was the offences were carried out between 1991 and 1997. I'm certain that this "blackboxing" of IE and the Kernel had a big part to do with his conviction, as well as his ISP.
This really begs the question, whether one can ever be truly autonomous on the internet, and whether it is Microsoft's obligation to ensure that a "record of activity" is maintained. The typical Government response is "if you have nothing to hide, there is nothing to worry about".
How do you strike a balance between ensuring communities are kept safe, and allowing people freedom with their data? The internet is an extension of self for most people now, and is open to good and mal-practice.
-
evildictaitor
Devil's advocate
Yes. When installing Windows you agree to be bound by United States law (specifically Washington I think).Yggdrasil said:
Which Nation would that be? Am I, as an Israeli citizen, bound to the laws of the US? Is Microsoft, which in addition to being an American company is also a registered company in Israel, bound to these laws in every product it provides all over the world?vesuvius said:*snip*
And I don't think Google is keeping track of your browsing history in case National Security needs it.
This means that you are bound by both US and Israli law, (and where a collision occurs, Israili law first, where appliciable).
@vesuvius: I hope your heart sank that a priest would do such a thing, rather than that he was caught. While I disagree with the notion of having my privacy invaded by the powers-that-be, there are many things for which I prefer society to infringe my rights in order that we avoid the impunity of some to do horrific things. If I beat my wife within the confines of my own home, that doesn't make it OK. If I download bad pictures, I deserve to go to jail.
The trick is to not let yourself get carried away. You rightly say the phrase "if you have nothing to hide, you have nothing to fear" is complete nonsense, but I suspect that you can save a lot of hassle by inspecting user's behaviour online through neural nets that throw away data that they arn't processing. If you visit bad websites, it sends a note to the police who may get a warrant to tap your line. If you are searching sites that appear to have nothing (statistically) wrong with them, it ignores your data thus respecting your privacy.
The only two downsides to this of course being the occassional false positive where an innocent man is furious that his late-night searches are now known by his entire family, and the occassional false negative where a clever bad man gets away with bad things because he's clever and can avoid the checks in nefarious ways. There's a tradeoff to be had there though. -
Heavily protected? Impossible to delete? Locked by the kernel? Oh my, I bet CIA added that file on our computers
.
The kernel does not have anything to do with index.dat. The only reason why you cannot delete that file is because explorer.exe keeps it open. Stop/kill explorer and you can delete just as any other file. It's has the hidden/system attributes set but that doesn't mean anything.
Protected? It's not even encrypted, it's just a binary file and the URLs that are stored in it are visible in any hex editor.
And I don't have IE6/7 around to test but as far as I can see IE8 zeroes out index.dat when you clear history, which happens to be better than simply deleting it.
As for InPrivate: I haven't used it and I haven't payed too much attention to what it is but from what I know it is private with regards to what information (third party) sites can access. I have no idea what it means for files stored on the local harddisk as a result of browsing in a InPrivate session.
-
GoddersUK
My five year mission: To boldly split infinitives that no Niner has split before!
This may make interesting reading (granted it's mainly about IE7, not IE8 but no doubt a lot of it still holds true).
-
GoddersUK
My five year mission: To boldly split infinitives that no Niner has split before!
You don't even need a hex editor. I can read my index.dat files just fine in notepad.Dexter said:Heavily protected? Impossible to delete? Locked by the kernel? Oh my, I bet CIA added that file on our computers
.
The kernel does not have anything to do with index.dat. The only reason why you cannot delete that file is because explorer.exe keeps it open. Stop/kill explorer and you can delete just as any other file. It's has the hidden/system attributes set but that doesn't mean anything.
Protected? It's not even encrypted, it's just a binary file and the URLs that are stored in it are visible in any hex editor.
And I don't have IE6/7 around to test but as far as I can see IE8 zeroes out index.dat when you clear history, which happens to be better than simply deleting it.
As for InPrivate: I haven't used it and I haven't payed too much attention to what it is but from what I know it is private with regards to what information (third party) sites can access. I have no idea what it means for files stored on the local harddisk as a result of browsing in a InPrivate session.
-
I know, but something tells me that it may be a bad idea to load a 2 megabyte file in notepad...GoddersUK said:
You don't even need a hex editor. I can read my index.dat files just fine in notepad.Dexter said:*snip*
-
ManipUni, I have tried cleaning up all temp files, history, etc. (in IE 7) and the content of my index.dat files seems to be gone as it is explained in GoddersUK link. Are you saing it is impossible to delete the file content or the file content will not be deleted it you clear only your history?
-
I'm not quite sure what the conspiracy about Index.dat is about, I always understood that it was used to index the temporary folders in the temporary internet files, as temporary internet files is a special folder and made up a number of psuedo-randomly generated folder names in which content is stored.
As for in-private, if it were me I'd probably create the cached page with FILE_ATTRIBUTE_TEMPORARY so that once the page had been displayed it's just thrown away from memory and doesn't touch the disk, assuming that there is available space in-memory so it doesn't have to be paged out.
Oliver -
Hmm interesting link.GoddersUK said:This may make interesting reading (granted it's mainly about IE7, not IE8 but no doubt a lot of it still holds true).
I've read before that was the design intent. But back in the day nothing you did could clear it including removing items which it is tracking.
Dexter: I said "like the kernel," not "by the kernel." -
Umm, you're right. But you're wrong tooManipUni said:
Hmm interesting link.GoddersUK said:*snip*
I've read before that was the design intent. But back in the day nothing you did could clear it including removing items which it is tracking.
Dexter: I said "like the kernel," not "by the kernel.". Unlike other executables (explorer.exe for example) the kernel (ntoskrnl.exe) is never locked "in use".
-
Sure it is.Dexter said:
Umm, you're right. But you're wrong tooManipUni said:*snip*. Unlike other executables (explorer.exe for example) the kernel (ntoskrnl.exe) is never locked "in use".
Windows is just too polite to tell you. Go ahead and make as many changes as you like and see how long they "stick" for. My guess would be around ten seconds.
Back in the Windows 2Kish days you got a big nasty "That file is in use" error message or similar. -
No it's notManipUni said:
Sure it is.Dexter said:*snip*
Windows is just too polite to tell you. Go ahead and make as many changes as you like and see how long they "stick" for. My guess would be around ten seconds.
Back in the Windows 2Kish days you got a big nasty "That file is in use" error message or similar..
What happens is that Windows detects changes to system files and replaces any changed file with the "original" copy from C:\Windows\System32\dllcache and it does that for your own good (I actually saw at least one stupid installer/uninstaller that replaced ole32.dll with a Win95 version resulting in a blue screen after reboot). Now if you think you can take care of yourself and you don't need the OS to hold your hand you can always delete/change the file from dllcache.
All this applies to all dll/exe/sys files that ship with Windows (so the kernel is not a special case) and all this does not apply to user created (directly or indirectly like index.dat) files.
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.