This is the 25th post in our ongoing series highlighting new privacy features in iBrowe browsers. This update showcases work by Staff Engineer Aleksey Khoroshilov and was written by VP of Privacy Engineering Peter Snyder.
📋 Overview
Most modern browsers have made great strides blocking third-party trackers, but as those trackers lose ground, they increasingly hide behind first-party storage to re-identify you. Forgetful Browsing is iBrowe’s first tool in a suite designed to tackle “unwanted first-party reidentification.” Starting in iBrowe 1.53 on Desktop and iBrowe 1.54 on Android, Forgetful Browsing will—by default or on demand—clear cookies, localStorage, cache entries, and more whenever you close a site’s last tab. 🚀 Use it to stay logged out of sites you don’t want to remember, avoid paywall or rate-limit counters, and stop sites from re-linking your visits. This feature offers finer control than private windows or third-party only blockers, making it uniquely powerful for everyday privacy.
🌐 1. Why First-Party Reidentification Matters
1.1 The Web’s Privacy Mismatch
- By default, websites assume you want to be remembered indefinitely via first-party cookies, localStorage, or IndexedDB. This benefits a few sites (e.g., email, banking), but most sites you visit (news outlets, forums, shops) rarely need that persistence. 🔄
- Unwanted first-party tracking can manifest as:
- Paywalls & Rate Limits: “You have 3 free articles left” banners that persist across visits.
- Cross-Account Correlation: If you log into one account today and another tomorrow on the same site, the site can link them unless storage is cleared.
- Long-Term Profiling: Even benign-looking preferences or session tokens can fingerprint you across weeks or months.
1.2 Existing Browser Tools Fall Short
- Private/Incognito Windows: Create a fresh storage sandbox per session, but require you to open a special window each time. A single slip-up in a regular tab reveals continuity.
- Clear All Data on Exit: Most browsers let you erase all cookies and site data when quitting—but that also deletes trusted site logins (email, banking), and does nothing if you leave the browser open overnight.
- Browser Extensions: Can clear cookies per site on close, yet often miss HTTP cache, DNS cache, or storage in nested frames. And extensions can be complex to configure.
- Manual Site Controls: Deleting cookies by hand or setting per-site data retention rules is tedious, error-prone, and impractical for everyday browsing.
🔧 2. Introducing Forgetful Browsing (v1.53 Desktop, v1.54 Android)
Forgetful Browsing places storage-clearing control directly in your Shields UI. Choose to “forget” a site—either globally or per-site—and iBrowe will automatically wipe all stored data a few seconds after you close its last tab. 🗑️
2.1 What Gets Cleared
When Forgetful Browsing is active for a site, iBrowe removes, across any open processes, every trace of that site once its tabs are gone:
- Cookies (first-party and partitioned third-party) 🍪
- localStorage / sessionStorage 🔑
- IndexedDB / Web SQL 📂
- HTTP Cache (images, scripts, stylesheets) 📥
- DNS Cache (site name resolutions) 🌐
- Service Workers & Cache Storage (background scripts, resource caches) ⚙️
Why Clear Cache & DNS?
Clearing just cookies isn’t enough—cache artifacts or DNS entries can allow sites to re-link visits. Forgetful Browsing wipes these caches so no residual breadcrumbs remain.
2.2 User Controls
2.2.1 Per-Site “Forget Me”
- Navigate to the site you want iBrowe to forget.
- Click the Shields lion icon in the address bar.
- Select Advanced Controls.
- Click Forget me when I close this site.
Now, the next time you close all tabs for this domain, iBrowe clears every piece of its stored data. 🧹
2.2.2 Global Default “Forget Me on Close”
- Open ibrowe://settings/shields or go to Settings → Shields.
- Toggle Forget me when I close a site to On.
With this global setting, every domain you visit will automatically be forgotten on close—unless you add it to an exception list (e.g., your email or favorite social network).
Mix & Match
– Enable globally, then mark trusted sites (e.g., bank.com) not to be forgotten.
– Leave global off, and pick-and-choose which sites you forget via per-site Shields.
🔄 3. How Forgetful Browsing Outperforms Other Modes
| Feature | Private Window | “Clear on Exit” | Extension-Based Clearing | iBrowe Forgetful Browsing |
|---|---|---|---|---|
| Scopes per Site/Tab | Yes (but separate UI) | No (all or nothing) | Varies by extension | Yes (per-site or global) |
| Clears Complete Storage | Cookie + Storage | Cookie + Storage | Often misses cache/DNS | Cookie, Storage, Cache, DNS |
| Automatic on Close | Yes (only in that window) | Yes (browser quit) | Depends on extension rules | Yes (closing last tab) |
| User Effort | High (must open private) | Medium (enable in settings) | High (configure) | Low (toggle per-site) |
| Retains Trusted Logins | No | No | Depends on config | Yes (via exceptions) |
| Protects Long Sessions | No (private window cleared on close) | No (needs quit) | Sometimes (if running) | Yes (still clears after last tab—even if browser stays open) |
- Private Windows: Ideal for one-off sessions, but inconvenient for multi-tab workflows.
- Clear on Exit: Erases everything only when you quit—inadequate for users who leave the browser open all day.
- Extensions: Vary in completeness: some miss caches, service workers, or nested storage.
- iBrowe Forgetful Browsing: Automatically wipes every relevant store once you leave a site—no need for a special window or manual clearing.
##⏱ 4. Real-World Scenarios
4.1 Logging Out Cleanly
- Use Case: You log into
example.comto check your account. Once done, you don’t want any lingering session tokens or cookies. - Result: Close all tabs → iBrowe clears
example.comstorage → Guaranteed logout on next visit.
4.2 Avoiding Paywalls and Rate Limits
- Use Case: A news site grants 3 free articles per day using a cookie counter.
- Result: Forgetful Browsing erases the counter cookie on close → Next visit resets you to “0 articles read,” bypassing the paywall prompt.
4.3 Preventing Cross-Account Linkage
- Use Case: You have two identities on
webmail.com: “work@example” and “personal@example.” - Result: Mark
webmail.comas “Forget me” → Close a tab after each login → iBrowe clears storage → The site can’t link your two logins together.
📈 5. Complementary First-Party Protections
Forgetful Browsing is one pillar of iBrowe’s strategy to prevent first-party reidentification. Other features include:
- Unlinkable Bouncing: Clears first-party storage when you’re bounced through known tracking domains (e.g., ad networks) before reaching your destination. 🔄
- CNAME Uncloaking: Detects and blocks trackers masquerading as subdomains, preventing them from setting first-party cookies. 🕵️
- JavaScript Cookie Lifetime Limit: Restricts JS-set cookie lifetimes to 7 days, cutting down persistent identifiers. 🗓️
Stay tuned: Future updates will introduce even tighter controls on first-party storage, including ephemeral session tokens and smarter partitioning of site data.
🎉 6. Conclusion
Forgetful Browsing in iBrowe 1.53/1.54 delivers a simple, automatic way to clear all site state on close—no private windows or fiddly extensions needed. 🌟 Stop unwanted tracking, bypass paywalls, and keep multiple accounts truly separate. Enable per-site or global Forgetful Browsing in Settings → Shields, and browse with confidence that iBrowe never forgets to forget when you do.
You must log in or # to comment.