The Safari 4 beta is having a little bit of trouble cleaning up after itself, as has been revealed by C. Harwic on his blog. Safari 4 is still in beta, so it’s easy to forgive the browser for this rather sloppy housekeeping, which left gigabytes (!) of browsing data in weird places all over your filesystem, even after cleaning the caches or history. Still, this does raise a few questions.
Safari’s sloppy housekeeping
First, let’s take a look at what Safari 4 beta is doing wrong. For clarity purposes, I’ve decided to handle this on a point-by-point basis in a bulleted list.
~/Library/Caches/Metadata/Safari: The /history folder in here does not get cleaned up properly, and it’s very hard to find out what gets deleted and what doesn’t. Every page gets its own item, each of them about 4-200k in size.
~/Library/PubSub/Feeds/: In this directory, the new Top Sites feature makes an XML file every time a Top Site webpage is changed or altered; it checks these sites every 30 minutes. These files are never deleted.
/private/var/folders/et/etuAKaR1GTeV9DVeRGfst++++TI/-Caches-/com.apple.Safari/Webpage Previews/: This is the worst one of all. QuickLook keeps two images (small and large) for every site you’ve ever visited with the Safari 4 beta. All of them. They never get deleted, and took up 2.03GB of space on Harwic’s machine. To make matters worse, this folder does not live in the user’s library; heck, not even in the root library, but in a hidden folder far away from everything else on the computer.
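One way to measure what is sitting in these three locations, for instance before and after clearing caches or history, is the script below. It is an added example, not code from the article or from Harwic's post; the function names `audit_dir` and `safari_dirs` are made up here, and the per-user cache root is looked up with `getconf DARWIN_USER_CACHE_DIR` because its random-looking name differs per account.

```shell
#!/bin/sh
# Added example (not from the article): report how much data sits in the
# three Safari 4 beta locations listed above.

# audit_dir DIR [DAYS]: prints "files=N kbytes=N older=N", where "older"
# counts files not modified in the last DAYS days (default 30).
audit_dir() {
    dir=$1
    days=${2:-30}
    if [ ! -d "$dir" ]; then
        echo "files=0 kbytes=0 older=0"
        return 0
    fi
    files=$(find "$dir" -type f 2>/dev/null | wc -l | tr -d ' ')
    kbytes=$(du -sk "$dir" 2>/dev/null | awk '{print $1}')
    older=$(find "$dir" -type f -mtime +"$days" 2>/dev/null | wc -l | tr -d ' ')
    echo "files=$files kbytes=$kbytes older=$older"
}

# safari_dirs: one path per line. The per-user cache root is resolved with
# getconf rather than hard-coded; on systems without that variable
# (anything that is not Mac OS X) the entry is skipped.
safari_dirs() {
    echo "$HOME/Library/Caches/Metadata/Safari"
    echo "$HOME/Library/PubSub/Feeds"
    user_cache=$(getconf DARWIN_USER_CACHE_DIR 2>/dev/null || true)
    if [ -n "$user_cache" ]; then
        echo "${user_cache%/}/com.apple.Safari/Webpage Previews"
    fi
}

# Print each location followed by its counters.
safari_dirs | while IFS= read -r d; do
    printf '%s\n  %s\n' "$d" "$(audit_dir "$d" 30)"
done
```

A non-zero `older` count after a cleanup means files from earlier browsing sessions survived it.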
Safari 4 is obviously in beta, so it’s important to note that we are talking about unstable and unfinished software, so things like this are to be expected – albeit still extremely sloppy. So, the rest of this discussion is not about this specific case, but about privacy in a more general sense. Just so you know.
Red flags
As browsers become ever more featureful, and users demand ever more advanced technology, it also becomes ever harder to cover your tracks. I’m personally not afraid of any data that’s stored on my computers, but the fact of the matter remains that there are countless embarrassing (but legally harmless) things that you might want to look up on the web.
Even though most browsers have a porn button these days, it is not far-fetched to assume that many people forget to activate it, and start browsing without porn mode activated. When they’re done browsing, and they realise they should’ve used The Button, they obviously want to cover their tracks by using the various empty cache/history/etc. buttons in their browsers. If these buttons, then, do not actually delete said sensitive information (as is the case in the above Safari 4 bug), then you’ve got yourself a privacy nightmare on your hands.
We all know that browsers are the number one attack vector for people with malicious intent, and this is something browser makers are aware of and try to mitigate. However, on top of that are things that may not fit in the classic idea of a browser security bug, but can still be classified as such. I think the Safari 4 beta story is definitely a good example of something like that.
I hope that this Safari 4 beta bug has raised some serious red flags at the various other browser makers, and that they, too, are now taking a serious look at their various caches and data storages to see if they are managed properly.
It’s basic software behaviour: To follow the user’s orders. If I say “delete everything” the software must do as I say.
But this is what betas are meant for: Getting the thing on the user’s hands so they can let the developers know what they think about the software. Fixing this should be trivial for Apple.
At which point it does what you say, and wipes the disk.
Haha, that’s a good one!
If it carries the Apple brand, probably not
>> It’s basic software behaviour: To follow the user’s orders. If I say “delete everything” the software must do as I say.
Not in the world of Apple – the Apple product I am most familiar with, the iPhone, has several caches which can’t easily be deleted. Safari will delete most of your private data if you tell it to, but it won’t delete your Google search terms, unless you switch your default search engine to Yahoo and back. So far as I can tell there is no way to delete the various bits of history held by the YouTube and Google Maps apps. This isn’t because the software is beta, it is because they are morons.
It’s nothing more than an annoying bug in beta software, it could have formatted your HD, cheer up.
Privacy is not an issue, because (hopefully) not even other unprivileged users in your machine can access your cache even if it is in their home directory.
If they (or the hackers and malware) can, you should answer this: is it easier for them to infringe on your privacy by analyzing garbage left by Safari, or to read the password file from your profile and know all your passwords and URLs to your banking accounts?
At least for Firefox, reading the plain-text passwords from the passwords file is trivial and any kid that can move files around could do it (as long as you don’t use a master password).
Google, the government, and your employers (the usual suspects for paranoids) do not have access to your HD yet, so no privacy violations from them either.
Indeed – iTunes 2 deleted your hard disk if the name started with a space!
and it hasn’t been introduced with safari 4 beta, but way back with osx 10.5.2, as safari’s caches were moved out of the home directory for braindead performance reasons. the snapshots of websites which safari 4 takes only make it worse.
http://www.sanneblad.se/johan/?p=123
so i don’t think apple will change this suddenly after more than a year. they should at least offer an option to move the caches back where they belong if they choose to sacrifice security to performance.
The folder “/private/var/folders/et/etuAKaR1GTeV9DVeRGfst++++TI/-Caches-/com.apple.Safari/Webpage Previews/” does not exist on my system but I have a similar one but “/ez/ez” etc and it only contains files up to 1 month old.
Latest Leopard & Safari 4 on G5 Powermac.
The folder is different for everyone, and hidden.
And your point is … ?
What a load of FUD. When you go to the ‘Reset Safari…‘ option and select ‘Reset Top Sites‘ and ‘Remove all webpage preview images‘, Safari cleans up perfectly. It takes a few minutes so be patient. Besides, both the “-Caches-” directory and the “Webpage Preview” directory are only accessible by the user that’s running Safari, not more nor less safe than when it was in your home directory.
Perhaps you should double check emotional articles like this. (“But even this isn’t the worst of it. The most outrageous thing I found…“, Seriously? “I really like Safari, but I’m going to have to seriously consider using Firefox now (ack).” Ahh, the typical outraged user threat, this should’ve set off the alarms that this article might not be entirely objective.) Here’s a fun one: “I can’t think of a good reason they couldn’t have at least put it in the user library with everything else: hiding it there is nothing short of deceptive.” Try this: Performance reasons. When your profile is stored on a server you don’t really want Safari to pull all this stuff over the network all the time. Stop implying malicious intent by using words like ‘deceptive’ when you admit that you don’t know.
but my home directory is encrypted with filevault and this directory definitely isn’t. in my book this is a serious breach of privacy. and it seems as if other applications also use a place outside the home directory for temporary user data:
http://lists.apple.com/archives/x11-users/2007/nov/msg00737.html
yes, that’s november 2007, so this problem has existed since leopard’s creation.
btw: du -ch {~/Library/Caches/,`getconf DARWIN_USER_CACHE_DIR`}com.apple.Safari
will show you the caches used by safari and their size. 1.9 gb on my macbook right now.
activity monitor -> safari -> inspect -> open files and ports should also do the trick.
ps: “clean caches” only cleans the small cache remaining in the user directory. resetting safari also cleans most of the other caches, but leaves 200 mb out of 1,8 gb on my computer.
Edited 2009-05-26 09:34 UTC
A well-designed application saves all of its own data under one location, not spread all over the system, and if there is something that can be shared with other applications then save that data in a well-known shared location. But what’s up with Safari4 saving its stuff all over the place and even trying to hide some of it? Such behaviour shows poor planning and choices being made, and trying to hide some stuff could of course be just another mistake, but it could also be something more sinister.
That shouldn’t be a big surprise, given the new tab interface. They’re probably hellbent on trying things and not worrying too much about space used.
Also, people have to remember that Mac developers aren’t necessarily UNIX developers, so putting things where you expect them won’t always be the case. On a 1 user system, there are 3 separate Library folders for things like these.
Besides that, as each update requires a system restart, I’m reminded that Safari is not just a browser but that WebKit is used all over the place.
You mean like Trident (Internet Explorer) in Windows (sure Apple dev wouldn’t be that stupid, right?).
Yes, like that. Apple have done a few things that seem more than a bit stupid or shady.
Obviously, Safari isn’t any worse than Internet Exploder in that way, but in another example, why should a person have to use Apple’s application to change which mail or browser application is the default? In the early releases of Mac OS X, they had an Internet preference pane, similar to the one in Mac OS 8/9.
Well, yes – it *could* be something sinister. But if so, it’s a pretty incompetent job of it – the files don’t seem to have been obfuscated or any attempt made to protect them from prying eyes, they’re just not in the obvious place they should be. No conspiracies here.
Is it consuming large amounts of my Hard disk without my knowledge?
People complain about Vista, but most of the UAC dialogs and broken apps were due to applications trying to write outside the user’s home profile directory – a real “no no”, but one that Windows developers have been doing for years (I know I used to!). On Unixish OSes, this has always been the standard – apps write to your home directory. Only servers/services can write elsewhere. Safari is certainly not a server, and has no business writing outside the home directory. End of story.