The Boston Globe website is closing off a hole in its paywall by preventing visitors who aren't logged in from reading articles in a browser's private mode.
"You're using a browser set to private or incognito mode" is the message given to BostonGlobe.com visitors who click on articles in private mode. "To continue reading articles in this mode, please log in to your Globe account." People who aren't already Globe subscribers are urged to subscribe.
Like other news sites, the Globe limits the number of articles people can read without a subscription. Until the recent change, Globe website visitors could read more articles for free by switching to private or incognito mode.
Source: ArsTechnica
(Score: 2) by rleigh on Sunday May 21 2017, @07:40AM (5 children)
Is this a flaw in the Private/Incognito mode sandbox? Surely to be effective the fact that something is inside a sandbox should be undetectable? How are they detecting the sandbox?
(Score: 4, Interesting) by bradley13 on Sunday May 21 2017, @08:16AM (3 children)
Apparently they can somehow tell that they cannot save permanent data on the local machine. Which is indeed a flaw in the sandbox, as it should not be visible that the data will be deleted when the tab closes. Then again: Just how much trust do you have in the authors of your browser? Why, exactly, do we trust the browser manufacturer's to get this right, when their financial interests are diametrically opposed to doing so?
Update: Apparently the Boston Globe has reversed their policy? I am now looking at their site in three different browsers, all in incognito mode, with no problems at all.
Everyone is somebody else's weirdo.
(Score: 0) by Anonymous Coward on Sunday May 21 2017, @09:11AM
I am now looking at their site
Mission accomplished!
(Score: 4, Insightful) by kaszz on Sunday May 21 2017, @04:56PM
Yeah, obviously the sandbox is flawed. Let them save or set whatever they want. It will be gone anyway later. As for browser trust. It's likely a convenience thing. It works good enough. Do bad enough and it goes the Internet Exploder v6.0 way. But there is a way to not only sandbox a specific visit but sandbox it all by running the whole thing inside a VM box which is reset as often as needed.
(Score: 1, Informative) by Anonymous Coward on Tuesday May 23 2017, @01:33AM
I don't trust my browser maker. That's why I use firejail --private --overlay-tmpfs
Which creates a new private home directory in a ram disk and then overlays a tmpfs layer on top of the entire system. Nothing that gets written to disk should actually go to disk unless the overlay mount is flawed. Sandboxie can do the same on Windows IIRC and MacOS has a similar capability in its sandbox but it's a bit harder to configure because I haven't found any good tools to automate the process.
(Score: 2) by Rivenaleem on Monday May 22 2017, @09:52AM
I imagine it is a process very similar to a Warrant Canary. No cookie detected? They must be a new user, so display them "You must join up or log in to view this page".