Police retrieving computer search history (Brian Walshe case)

I have seen this several times before where the police are able to find that a suspect has searched the Internet for things like, “How long before a body starts to smell” and “How to dispose of a body”. Can’t the perp just search while in Private Browsing mode to prevent this? Are they that dumb? Or can forensic investigators retrieve even those searches?

There are two separate issues there.

  1. When you search Google for “How to dispose of a body”, Google keeps a record of that. Which record includes what was asked and which computer did the asking.

  2. When you search Google for “How to dispose of a body”, your browser keeps various records of that. It’s in your URL history, some images or cookies might be cached, etc.

“Private Browsing” mode (by various names in various browsers) is all about the second issue. In that mode the browser keeps no records. But that mode does nothing to remove your history from Google’s computers.

You have zero influence, much less control, over what Google decides to keep track of. That’s a treasure trove for the cops. Lest it sound like I’m picking on Google particularly, all the other search engines do the same thing.

It is possible to hide your identity from Google by using a VPN, in a rudimentary manner. You share the same IP with every other user of that VPN service. Since private browsing does not share existing cookies etc. (and deletes any it receives during the session, when you close the browser) Google cannot identify you by your IP address or by other specific data.

Except - there’s the theory that computers can be fairly uniquely identified by their “signature” - the exact (sub)version of their browser, any add-ons like video players and what codecs they handle, available fonts, language settings, time zone, etc. One theory is that it is like DNA, there’s so many add-ons and possibilities that a computer is not likely to match many others - and who knows what personal data Google has memorized about your computer.

I suppose it boils down to the usual question - who wants to know? What powers and resources do they have to compel data from others? How much effort are they going to put into finding out?
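The "signature" idea discussed above, as an added example that is not part of the original thread: it shows why clearing cookies and changing IP address leaves a browser's attribute fingerprint unchanged, and how rare attribute values add up to identifying bits. The attribute names, population frequencies and sessions are constructed sample data, FNV-1a is a stand-in hash, and attributes are assumed independent.

```javascript
// Added illustration. All frequencies and sessions below are constructed sample data.
const POPULATION = { // fraction of visitors sharing each attribute value
  userAgent: { "Chrome/120 Windows": 0.20, "Firefox/121 Linux": 0.01 },
  timezone: { "America/New_York": 0.10, "UTC": 0.05 },
  language: { "en-US": 0.40, "en-CA": 0.02 },
  fonts: { "default-windows-set": 0.15, "custom-set-A": 0.0005 },
};

// FNV-1a 32-bit: a simple non-cryptographic hash, used here only to label a fingerprint.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// The fingerprint depends only on browser attributes, never on IP or cookies.
function fingerprint(session) {
  const a = session.attrs;
  return fnv1a(Object.keys(a).sort().map((k) => `${k}=${a[k]}`).join("\n"));
}

// Surprisal in bits: -log2(p) per attribute, summed under the independence assumption.
function identifyingBits(session, population = POPULATION) {
  let bits = 0;
  for (const [key, value] of Object.entries(session.attrs)) {
    const p = population[key] && population[key][value];
    if (p !== undefined) bits += -Math.log2(p); // values not in the table add 0 bits
  }
  return bits;
}

// Expected number of visitors in a crowd who share a fingerprint with this many bits.
function expectedMatches(bits, crowd) {
  return crowd / 2 ** bits;
}

const rareAttrs = { userAgent: "Firefox/121 Linux", timezone: "UTC",
                    language: "en-CA", fonts: "custom-set-A" };
// Same machine twice: a normal session, then private browsing behind a VPN.
const normal = { ip: "198.51.100.7", cookies: ["sid=abc"], attrs: rareAttrs };
const privateVpn = { ip: "203.0.113.50", cookies: [], attrs: rareAttrs };
const commonSession = { ip: "192.0.2.9", cookies: [], attrs: {
  userAgent: "Chrome/120 Windows", timezone: "America/New_York",
  language: "en-US", fonts: "default-windows-set" } };
```

With these constructed numbers the common configuration is shared by roughly 1,200 visitors in a million, while the rare one is expected to match fewer than one.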

Isn’t there also Onion or Tor? My husband was a fan of that a while ago, not for anything truly nefarious, just access to some music streams, I think? Or maybe plane info - he’s got the flying bug.

Does Google keep it by computer footprint or because they’re doing it while signed in?
I always assumed if you use one browser & opened a private tab they still know who you are; however, if I opened a second/different browser & didn’t sign in then they couldn’t track me.

…Asking for a friend

They definitely have your IP address, so if you’re not using a VPN they can track you by that.

And are you positive you are always running those for all of your internet traffic?

In any case, try this test: https://coveryourtracks.eff.org/

While the above posters are correct that both the internet search provider (e.g. Google) and the ISP (e.g. ATT) could provide information to the cops, it does appear that in this specific case the search history was retrieved from the laptop itself. Or at least the news articles about it all refer to the MacBook that was searched as the source of the information.

So yes, it does appear he was rather idiotic about covering his digital tracks.

Really the only “foolproof” way would be to buy a new computer, never log into any accounts for it, and only use it on a public network somewhere without cameras. Then destroy the computer by dumping it in a lake or something. Then your search history probably couldn’t be traced back to you.

Why would anyone sign in to Google? For email, yes - but then sign out. Why give them more data?

Because it’s convenient for using some of Google’s services, like their password manager. I can also share links from Chrome between my phone and my laptop this way. And logged on or not, I’ve long given up the illusion that Google doesn’t know who you are anyway.

Another advantage is that many online places that require registration, such as stores, will accept Google logins and you don’t need to actually register a new account with the site. And it can carry things like a shipping address or payment info that just follow you.

There is a lot of convenience in staying logged into Google, but obviously there are privacy concerns as well.

You’re not signed in just for GMail. You’re signed in for everything Google offers. Which means that if you want to avoid associating a search with your Google ID, you have to log out as soon as you’re done with GMail but also manually log back in when you want to see your GMail. A damned nuisance, and completely useless from a forensic perspective, because Google will record what computer at what network address is making that search, logged in or not. And if it’s recent enough, it’ll record that a certain Google login was used to read Gmail from that computer at that IP address a few minutes prior.

Leaving aside the significant traces left inside your browser (logged in or not) if you don’t purge browsing history info.

Yeah, the “Evercookie”, which is sufficiently diverse and multiply redundant enough to uniquely identify a single machine or device.

Being a nerd, and having worked in online gambling - which as you can imagine, has a fair amount of attempted fraud - we were on it.

I’m not sure how far I want to go into details for the general public, although it is open source for us nerds to peruse.

I mean they use steganography to hide data in images in your browser cache. It is way, way clever.

Although the VPN company can (sometimes). In a case like the OP it would be pretty straightforward for the cops to get a warrant from the VPN company for your IP address. Though what data is stored depends on the company…

Other documented instances include a data request in 2016 to PIA and a 2017 request for logs from PureVPN, both by the FBI. PIA remained true to their no-logs word by proving they had nothing to give the authorities, while PureVPN went on to secretly work with the FBI to provide an IP address of a user leading to an arrest.

It’s been about 15 years since I worked in that space, but if it’s on your computer, chances are a computer forensics expert can reconstruct it. Even using disk-wiping software leaves traces of its use, creating circumstantial evidence that you tried to hide something.

Unless a suspect is particularly tech-savvy, they typically aren’t thinking about hiding their digital trail beyond maybe deleting their browser history.

My advice is if you need to research your crime, do it from a public computer at the local library. If you think you have incriminating evidence on your personal computer, physically destroy the hard drive with acid or something and then toss it in the river.

Using a dark web browser to look up airplane info shouldn’t raise any red flags :wink: