WhatWhyHowTV

We explore the questions that connect us all.

What You Browse, Who Can See, and Why Incognito is a Lie

We often feel like our screen is a private bubble. We turn on “Incognito Mode” and assume we are invisible.

The Reality: The internet is not a private bubble; it is a public road. Every time you click a link, you are sending a digital postcard through a complex system of postal workers, road owners, and shopkeepers.

Here is exactly WHO can see your activity, WHAT they can see, and HOW you can (or can’t) stop them.

Part 1: The Observers (Who Is Watching?)

1. The Road Owner: Your ISP (Internet Service Provider)

Your ISP is the company you pay for internet (like Comcast, AT&T, Verizon, Jio, BT)

  • WHAT they can see:
    • The Destination: They know exactly which websites you visit (e.g., “User visited youtube.com“).
    • The Timing: They know when you visited and how long you stayed.
    • The Volume: They know if you downloaded a huge file (like a movie) or just read text.
    • Note: If the website uses HTTPS (the little padlock 🔒 in your browser), the ISP cannot see the specific page or what you typed. They see the envelope, not the letter.
      • Example: They see you are on google.com, but they cannot see that you searched for “How to bake a cake.”
  • HOW they see it:
    • You are driving on their digital road. To get to Google, your computer must ask the ISP’s server to guide you there (this is called a DNS request). They log these requests.

2. The Shop Owner: The Sites You Visit (Google, Facebook, Amazon)

  • WHAT they can see:
    • Everything. Once you are inside their “shop,” they see every click, every search, every video you pause, and every message you type.
    • Incognito Mode doesn’t help here. If you log into Facebook in Incognito, Facebook still knows it’s you.
  • HOW they see it:
    • You are interacting directly with their software. They record your actions to improve their service and show you ads.

3. The “Boss”: Your Employer (Work Wi-Fi or Office VPN)

This is the trickiest one. If you are on a work laptop or connected to the office Wi-Fi/VPN:

  • WHAT they can see:
    • Standard: Like an ISP, they see every website domain you visit.
    • The “Super Snoop” (HTTPS Inspection): Many large companies install a special “Root Certificate” on work devices. This allows them to break the HTTPS lock. In this case, they can see everything—your search terms, the specific videos you watch, and even the content of your emails if you use personal webmail on a work computer.
  • HOW they see it:
    • They own the network and the device. The “Root Certificate” tricks your browser into trusting the company’s server as if it were the real website, allowing them to read the “sealed envelope.”

4. The Government

  • WHAT they can see:
    • Generally, they don’t watch everyone in real-time. Instead, they request data from the ISP or the Platform (like Google) if they have a legal reason (warrant or subpoena).
  • HOW they see it:
    • Legal requests. Your ISP keeps logs of your history for a certain period (depending on the country’s laws) specifically for this purpose.
💡 Curiosity Break: The “Incognito” Myth: Does Incognito Mode stop people from tracking me?

No. Incognito mode only wipes the memory of your device. It deletes the history log on your computer so your mom or spouse doesn’t see where you’ve been. It does absolutely nothing to stop the ISP, the website, or your boss from seeing your activity.

Part 2: The Shields (How to Protect Yourself)

1. HTTPS (The Standard Shield)

  • What it is: The default encryption for most of the web (look for the 🔒).
  • What it protects: It hides the content of your browsing from your ISP and hackers on public Wi-Fi.
  • What it fails at: It does not hide the fact that you are visiting a specific website.

2. VPN (The Armored Tunnel)

  • What it is: A Virtual Private Network. It creates a secure tunnel from your device to a VPN server in a different location.
  • How it works: Instead of driving your car directly to Google on the ISP’s road, you drive into a private tunnel. The ISP sees you enter the tunnel, but they have no idea where you go after that.
  • The Catch: You are shifting your trust. The ISP can’t see your history, but the VPN Company can. You must trust that the VPN company doesn’t keep logs.
  • Does it fool the Boss? Maybe. But your boss can see that you are using a VPN, which might be against company policy.

3. Tor (The Maze) 🧅

  • What it is: A browser that bounces your internet traffic through three random computers (nodes) around the world. Imagine you want to send a letter to Google, but you don’t want Google (or the postman) to know it came from you. Instead of mailing it directly, you use The Tor Maze.
  • How it Works (The 3-Stop Journey): When you use the Tor Browser, your request doesn’t go straight to the website. It bounces through three random volunteer computers around the world.
    • To understand how Tor protects you, imagine your computer wraps your request in three layers of digital locks, much like an onion. Your computer sends this locked bundle to Computer A, which uses its key to open only the outer layer, revealing instructions to pass the package to Computer B; because the destination is still locked deep inside, Computer A knows who you are but not where you are going. The package then moves to Computer B, which acts as a blind middleman, unlocking the next layer just to pass it along to Computer C. Finally, Computer C unlocks the innermost layer to find the destination address and retrieves the website data, knowing where you are going but having no idea who you are. To get the answer back to you, the process simply reverses like a bucket brigade: Computer C hands the data back to B, B hands it back to A, and A hands it finally to you, ensuring that no single computer in the chain ever knows the full story of who you are and what you are looking at.
  • The Result: It is extremely difficult for anyone to trace the activity back to you.
  • The Catch: It is very slow.

4. End-to-End Encryption (The Lockbox)

  • Used for: Messaging (WhatsApp, Signal, iMessage).
  • How it works: The message is locked on your phone and only unlocked on your friend’s phone. Not even the company (WhatsApp/Apple) can read the message.
  • Advice: Always use E2EE apps for sensitive conversations.
💡 Curiosity Break: End-to-End Encryption (E2EE) vs. The “Boss” (The “Root Certificate” Scenario)

You connect your personal phone to the company Wi-Fi. Your company uses “Deep Packet Inspection” (a Root Certificate) to read secure web traffic. Can they read your WhatsApp messages?

Can they read the messages? NO. Even with a Root Certificate, the company network cannot break the encryption of apps like WhatsApp or Signal. The “keys” to unlock your messages are physically stored on your device, not on the network. The company server just sees a stream of jumbled nonsense flowing between you and WhatsApp servers.

What CAN they see? They can see that you are using WhatsApp. They can see how much data you are sending (e.g., “They are sending a 5MB file, probably a video”). But they cannot see what the video is or what the text says.

The “Device Control” Trap (The Real Danger): While the network can’t read your messages, the device might betray you. If you are using a Company-Issued Phone or a laptop with MDM (Mobile Device Management) software installed:

  • Keyloggers: They might record every key you press.
  • Screen Captures: They might take automated screenshots of your screen.
  • Notifications: They might read the text of the notification as it pops up on your screen.

Leave a Reply

Navigation

About

WhatWhyHowTV is a global exploration into the heart of curiosity. We delve into the What (the facts), the Why (the context), and the How (the meaning) behind every topic we cover. From ancient mysteries and cultural traditions to scientific breakthroughs, our mission is to provide clear, in-depth explanations that spark your wonder. We believe that understanding is a journey, not a destination. Join us in asking the next big question.

Discover more from WhatWhyHowTV

Subscribe now to keep reading and get access to the full archive.

Continue reading