On Sat, Jul 18, 2015 at 11:55 AM, Ehsan Akhgari <ehsan.akhg...@gmail.com> wrote: > On Fri, Jul 10, 2015 at 8:05 PM, Jonas Sicking <jo...@sicking.cc> wrote: >> >> On Fri, Jul 10, 2015 at 4:02 PM, Ehsan Akhgari <ehsan.akhg...@gmail.com> >> wrote: >> > On Fri, Jul 10, 2015 at 6:37 PM, Jonas Sicking <jo...@sicking.cc> wrote: >> >> >> >> Hi Ehsan, >> >> >> >> I'd really like to get some clarity in what the purpose of the private >> >> browsing feature is supposed to be. Last we talked about this the >> >> answer seemed to be "it's different things to different people. Only >> >> thing that we agree on is that a private browsing window should not >> >> write data to the user's disk". >> > >> > >> > To make it more clear, there is no contention on what the feature should >> > do >> > from our side. It's just that we haven't done a very good job teaching >> > what >> > this feature is intended to do to the _users_. There are for example >> > unintended use cases that came up after the feature was first >> > implemented, >> > such as using this feature to login to the same website twice at the >> > same >> > time (by essentially getting a separate cookie jar) but those are well >> > understood now. But developers are also users, and as a result, >> > developers >> > who are not familiar with private browsing may also have assumptions >> > formed >> > as users of the feature which may not accurately reflect what the >> > feature >> > does. Perhaps this is an example of what you had in mind? >> >> Right. >> >> I have never seen that documented anywhere. I think doing that would >> be very useful. > > > Sorry it took such a long time to reply, but I was putting this together: > <https://wiki.mozilla.org/Private_Browsing>. Hopefully this clears the > design principles of the feature.
This is great! >> For example, the only intended goal that I've heard described is that >> "Actions taken during private browsing should not cause data to be >> written to disk". If that is the only goal of private browsing then >> for example adding the new tracking protection doesn't make much >> sense. >> >> But to be honest, I actually think that if that was the only thing >> that private browsing accomplished, then such a feature would be >> fairly useless, as well as hard to explain to users. It's much more >> likely that friends and family will see my google-stored search >> history, than that they will snoop around in the cache database or >> cookie database. > > The document above explains what the intended goal so far has been, it's a > bit more nuanced than just not writing data to the disk. > > I disagree that the feature as it is today is useless but I don't have data > on the usage of the feature one way or another. But note that by default, > when using private browsing, your search history won't show up in your > Google history since the isolation provided prevents Google from associating > the search with your login (unless you log in, of course.) I definitely don't think that the feature is useless. Because we *do* use a separate cookiejar in the private browsing window. I think the story would have been different if we hadn't. > But I will note that people have been asking for more privacy features to be > integrated into private browsing for as long as I remember. It has always > been technical difficulties that have made a lot of such features very > difficult to implement. Now that for example we have the opportunity to > turn tracking protection on inside private browsing, I think we should do > that, but the different features are orthogonal to each other, it is just a > matter of what we show in the user interface. And given the fact that we > phrase the UI as a "private" window, this association does make sense to me. > But for the purposes of this discussion, private browsing and tracking > protection should not be intertwined (even though they will interact.) I think it'd be great to have a short and clear list of what the private browsing feature is. I think your wiki page is a great start to that. It's definitely is short enough that you can read through it and get an understanding of the current goals. I think it's also great that your page mention research that has been done about user expectations so that we can see where user expectations doesn't match the list of features/goals of what the feature is. / Jonas _______________________________________________ governance mailing list governance@lists.mozilla.org https://lists.mozilla.org/listinfo/governance
