Yes, they will know that your friend visited a porn site.

Each tab in a private browser window has an isolated cache; there wouldn't normally be anything shared between them.

It is possible to launch a tab from inside of another tab that will have duplicate cookies of the parent tab, but barring something particularly unusual, each tab uses a separate "memory space"

Appreciate this. I noticed that when I log in to some sites in a private browser window, and then close that window, and open a new one, I don't need to log in to the site again. Somehow the site "knows" I was already logged in. Is that on the basis of IP address, or cookies, or both?

Naturally new tabs opened in a private browser window will function much like new tabs in an non-private window; if I log in to, say, Google in a private window, and open YouTube in a new tab within that window, I am automatically logged in to YouTube. But some sites seem to cross that two separate private windows barrier.

Just to make sure I am tracking you, sites which are opened in various non-private windows/tabs are all sharing the same cache on a given browser?

If you are really worried about such stuff you should be using a VPN.

The caches should be isolated. You can always open private windows in different browsers. For example, open a private window in Firefox and another private window in Chrome.

Session cookies are in their own sandbox but persistent cookies are saved on disk and can be read by any tab or window. This is how google and other trackers, trace your browsing habits.

You can open a private browsing tab.
Then click the header and drag it off your main session.

The cache/cookies/data on the main tabs (non private browsing) will be unaffected.

Everything you do on the separated window for private browsing will be separate. Anything you search, browse, or type in forms will not save to the device you are using.

It will not save cookies or site data or search engine searches onto the device

However.
- Your ISP can see everything you have done or visited or searched on your network, whether on a smartphone/tablet/PC/laptop

- If you visit a website like CalGuns, if they have set up their analytics properly... they will see your IP address. Which can be tied to your location and device.

- Any website you have visited, will have the same in their logs (unless they haven't set up ip address tracking)

- Any application/software that connects to the internet you use will have logs of your activity

- Any search engines you have used will have logs of your searches

VPN can assist in masking. However, there is still a way to track back to the VPN.
VPN mainly hides certain activities from being tied to your IP and location

When these tracking mechanisms see activity, they can be linked to the same VPN

Let's say a bad guy uses a VPN. He gets caught outside somewhere doing something. They have reason to search his home.
They can go to the ISP to subpoena his activity and devices if they want.
Even if he uses a VPN, it will still show on the ISP. But not the device.

This is in the event the guy is one bad hombre. And they want to find everything.
All they need to know is where he lives. That's where it starts.

Just an FYI.

Ask your friend from where he is concerned the scrutiny will arise.

While the private browser will effectively hide/erase actions within the browser, you have the keyboard input being logged as well. Predictive text can reveal just as much a web history.

This is not strictly true. Your ISP might see IP addresses you visit if they were logging such a thing, but they cannot see hostnames you are querying for if you use DNS over HTTPS (DoH). Many browsers have that enabled by default now. And with content distribution these days, an IP doesn't always tell you much about what someone was doing.

And they cannot see URLs you get unless you are using HTTP or you are using your ISP as a proxy and have installed their cert. They cannot see your searches, anything you download, etc. Most browsers and websites try to enforce HTTPS so not many people are doing HTTP anymore.

For anyone using an updated copy of Windows 10 or 11 Pro, don't forget you have a Sandbox VM now (or you can easily enable it if you haven't already). It has Edge inside, great for visiting sketch websites or doing rabbit hole searches because no matter what happens inside, it cannot affect your system and it will all vanish when you close the sandbox.

You do realize the internet and everything that touches it is designed intrinsically to enable tracking and tracing? Internet security and privacy is an illusion - treat it accordingly.

Insufficient, check out TAILS:



Though of course where there's a will there's a way and TAILS/TOR is no guarantee of privacy or anything else for that matter.