Solved

History Privacy Problem

Posted on 2003-12-10
16
374 Views
Last Modified: 2013-12-04
I have just recently upgraded to Windows XP Home edition.  I am also using version 6.0 of Windows Internet Explorer.  While looking through the browser history list that opens after clicking the "HISTIRY" option on the IE toolbar, I noticed that every file I have opened, offline as well as online websites are listed in the "HISTORY" list.  This I feel is extemely invasive.  If hacked into all my information as far as files, etc that I have viewed are vulnerable and exposed.

How do I get rid of or disable this "history" feature..?  Deleting history under the tool menu does not do this.

HELP

I feel completely violated.
0
Comment
Question by:mtsprink
  • 7
  • 5
  • 3
  • +1
16 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9916790
Dear mtsprink,

this would disable clicking history

http://www.winguides.com/registry/display.php/537/

Thanks,
Sunray
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9916792
>>>How do I get rid of or disable this "history" feature..?  

You don't but you can set the history to 0 days.
0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 125 total points
ID: 9916793
but this would only disable you from deleting the history

what you can is to number of days you want to retain history to be 0

Sunray
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9916798
0 days will still have Todays history but that is all it will log.
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9916801
Also do this

open internet explorer
go to tools  --> internet options --> advanced
scroll down and check the option under security
" empty temporary internet file folder when browser is closed".. that way if someone gets into the temp folder they wont know where you have been

Sunray
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9916812
Where you see the Clear History button on the General Tab set that little box to 0
0
 
LVL 4

Expert Comment

by:MobileOakAI
ID: 9917627
I agree, except that I think setting it to one or two days should satisfy.

You are not that vulnerable and exposed as you may think, except for where you permit others to use your machine. In wroke situation clearing history will not help, they get to see the URL access before you do. So wahtever the exposure would be, it is more for friends and family who share the box.

So configure the XP to have a different ID and privelege for eache user, only let owners access their documents, and don't give everyone admin rights because you are nice. In fact, don't use your admin ID on internet, either, for that can expose you if you get an exploit that takes on, inherits your authority.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9918835
it is EASY if you use windows xp, just change your personal History folder's permissions, only YOU have full control, any other guys has NO ANY rights to access it. since this protection is based on NTFS level, so it is quite safe.

you may also a following question i just posted similar comment at there:
http://www.experts-exchange.com/Security/Win_Security/Q_20821715.html

hope it helps,
bbao
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 44

Expert Comment

by:CrazyOne
ID: 9918892
Actually the History folder has no permission settings at least on my XP Pro system. The parent folder Local Settings defaults to the admins and the SYSTEM accounts.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9919051
yes it is, by default. you can change it by using cacls.exe at command-line.
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9919158
>>>you can change it by using cacls.exe

Yes but most people don't know how to use it and personally I don't see any real need to set permissions on it sense mtsprink is more worried about hackers and not other users. And since this is XP Home it uses Simple File sharing which even with permissions this feature kind of defeats a lot of NTFS security.

mtsprink if you aren't using a firewall then you best use one if you are concerned about getting hacked. BTW hackers probably could care less about your IE history. They usually are more interested in other things less mundane than what sites you have visited. :)
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9923565
sorry,  CrazyOne, i dont think so. cacls.exe is shipped with windows xp, any people can open a Command Prompt window to invoke it. i am sure most people can not fully understand the strange syntax of command line, but they can just execute what we show to accomplish what they want. why dont?

mtsprink, you may try following commands at Command Prompt window, to change your personal History folder's permissions, only YOU have full control, any other guys has NO ANY rights to access it. since this protection is based on NTFS level, so it is quite safe.

x:
cd x:\documents and settings\USERNAMEE\Local Settings
cacls history > history_old_permissions
cacls history /r everyone /e
cacls history g USERNAME:f

where x: is the drive of your system partition. USERNAME is your username.
btw, all your old permissions information is saved in file "history_old_permissions" for your reference later.

hope it helps,
bbao
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9923578
sorry, the latest comand should be "cacls history /g USERNAME:f"
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9924818
But what is the point that is what I am geting at bbao. mtsprink is concerned about hackers so if someone hacks in while mtsprink account is logged in and gets control of mtsprink account then this permission does nothing to stop the hackers form looking at the history folder. All this permission does is prevent other users who sign on from messing with that folder. But if they have admin rights thay can take that permission off. In the context of the question I don't see how setting permissions on the folder has any bearing. :)
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9928669
Umm why the C grad and why wasn't my comment chosen since I mentioned seeting the history days to 0 first?
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9938430
CrazyOne,

sorry for later reply. the answer has been accepted but i would like to discuss a bit more with you, maybe the outcome is useful to other similar scenarios. i understand what you meant: the asker's major concern was on information exposure under attack, so a firewall based proposal was recommended by you although the asker finally accecpted a zero-day history solution. ok, as you mentioned, if someone hacks in while asker's account is logged in and gets control of his/her account then this permission does nothing to stop the hackers form looking at the history folder, stop at here, do you think the internet history information are more important and sensitive than other information such business documents, personal information or clients information in asker's hard disk? the start point of choosing a firewall is mainly to prevent history information? if so, i bet M$ would have already supported no-history feature as highlight. ;-))

so i think commonly asker's such requirement should be: dont like to see his/her visit history to be logged, or seen by other people including hackers. so my solution may prevent IE to log history at all (no one has NTFS permissions in the folder), or prevent other people seeing it (only you have permissions), or even allow parents monitor children's history (children have only write and modify permissions). as for how to pretect information on the computer, we should also proposal firewall and XP's ICF as a bssic solution, but it is a quite different issuse with that of no-history requirement.

mtsprink,

sorry for taking your question threads to discuss a bit more at here. so, a trick for you: i think you also dont like IE to record what URLs you type in at address bar, if so just press ctrl+o to input your URL then press return to go. thus, your URL will not be saved in the address bar's pop list. it is useful especially when you use other guys computer. this tip is only workable with IE. as for how to prevent logs in history, try my solution... ;-)))

thanks all,
bbao
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
OfficeMate Freezes on login or does not load after login credentials are input.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now