Rixstep
	`About \| ACP \| Buy \| Industry Watch \| Learning Curve \| News \| Products \| Search \| Substack`

Home » Learning Curve » Hotspots

Safari 4: A Privacy Nightmare

Alfred's back designing applications in Cupertino again?

Get It

Try It

Privacy on OS X was easy back in the days when NeXTSTEP was new to Cupertino and people still hadn't figured out how to 'improve' it. A few easily crafted scripts run through applications such as this were enough to achieve a full cleanup. But since then things have become increasingly problematic.

'C Harwick' has done an in-depth study of the data trails left by Apple's Safari 4. It's not a pretty sight.

'Those of you who've been trying out the new Safari 4 beta - at least on the Mac, though I imagine you could find similar data trails on the Windows version too - have no doubt been impressed at its shiny new features. But if you're a stickler for disk space like I am or a stickler for privacy (or heaven help you both) Safari's poor housekeeping is quite alarming', writes Harwick.

Harwick's alarm is caused not just by the magnitude of the data left behind nor solely by its being spread in so many wild and wacky locations but by the application's absolute refusal to clean up after itself.

'Let's start with the easy stuff', continues Harwick. 'In ~/Library/Caches/Metadata/Safari reside two folders: Bookmarks and History. Inside the History folder is a file for every webpage you've visited regardless of when you've set Safari to delete history items in your preferences.'

But he's just warming up.

Top Sites

'You know the fancy new Top Sites feature and how it tells you with a little blue star peeled away from the page preview if it's been updated since you last checked? Safari makes a little file for every site every time it checks on them', says Harwick, 'which if RefreshInterval is in seconds as I suspect it is means it creates a nice XML file for every one of your top sites every 30 minutes (1800 seconds).'

These are located in ~/Library/PubSub/Feeds and given arcane hexadecimal names and contain whatever turned out to be new on the webpage. As the Wikipedia homepage is one of mine and changes just about constantly, the vast majority of my XMLs were filled with Wikipedia content.

I had over 24000 and deleting everything more than a week old saved me about 93 MB.'

Web Page Previews

Time to switch into higher gear.

'But even this isn't the worst of it', continues Harwick. 'The most outrageous thing I found - and it took drinking from Spotlight's firehose of filesystem changes with FSEventer to find it - was that Safari does not delete the webpage previews it generates for QuickLook. Ever.'

'2.03 GB of webpage previews (2 per website - a full resolution and a thumbnail) all generated since downloading the Safari 4 beta, residing not in the user library - not even in the root library - but in:

/private/var/folders/*/*/-Caches-/com.apple.Safari/Webpage Previews

'A hidden folder far away from the mouseclicks of all but the most relentless tinkerers.'

[Note: those paths should be on everyone's clean list already. Ed.]

14 Tips for Safari 4 Beta

But the misery doesn't stop there. Mac OS X Tips have a list of tips for Safari 4 which tacitly shows how this glorious product preview is going to screw up your system. One of the best is how it crashes Xcode.

So be prepared. One of the most important (to hinder too much promiscuity) is to run the following command.

defaults write com.apple.Safari DebugSafari4IncludeTopSites -bool NO

(A full collection of CLIX commands to cover these issues is available at a URL below.)

I really like Safari but I'm going to have to seriously consider using Firefox now.
- C Harwick
'Empty cache' doesn't delete everything. Before: 737 MB. After: 571 MB. Files are scattered all over the place. This is seriously fucked up.
- 'mallumax'