security - Are images viewed on my screen while using Tor/Firefox combo saved somewhere on my computer?

  • guest

    If an image is not saved while viewing it in Tor, what happens to it when the Tor browser is shut down? Is there a copy/thumbnail saved somewhere, or a reference to it on the hard drive? Does a person have to erase anything when Tor is shut down?

  • Answers
  • Karan

    If you type about:cache in Firefox you will see the following information:


    Only large image and media files are stored as individual files on disk in Firefox's cache folder. Other files are stored in a few large container files and not as separate files on disk. The individual files on disk have random names without a file extension for security reasons, so you can't open an application or start a downloaded virus inadvertently by clicking a file in the cache folder.

    The OfflineCache folder for portable Firefox bundled with Tor can be found at:


    Under Options / Privacy Never remember history should be selected by default. You can also select Use custom settings as long as Clear history when Firefox closes along with all related settings is selected. This should ensure that nothing's retained on disk when Firefox closes. Of course the data is not securely erased/wiped from disk so it might be possible for a forensics expert to retrieve some or all of it from the deleted cache files, but unless you find yourself in that sort of situation it's unlikely a normal user will ever be able to tell exactly what (ahem) images you were viewing.

  • Related Question

    images blocked in Windows Explorer Preview Pane when viewing saved webpages
  • Jim

    When I try to view saved web pages (with .html extension) in the Windows Explorer preview pane, I often see this message: "Some pictures have been blocked to help prevent the sender from identifying your computer. Open this item to view the pictures." Is there a way to prevent the blocking of the pictures?

  • Related Answers
  • awe

    This is to help protect you against potentially malicious functionality accessing your computer. When the html is located locally on your computer, it is possible for the server where the images is located to read certain details about your computer. This warning is a good thing - if you trust the original site where the pictures are located, you can choose to allow it (after the warning). You would think that static images can not do harm, but images can be created dynamically on the server, and in that case, the image url is a call to a server function that returns the image response after doing some stuff on the server. The server process can read some information from the parent web site (which in this case is your computer).

    If you want to get rid of the warning, you must save the complete web page, not just the html. You have 2 options in the Save as... dialog in IE that does this:

    Web page, complete (*.htm;*html)

    This stores the html, and also all related resources (images, css files, js files etc) in a separate folder on your computer.

    Web Archive, single file (*.mht)

    This stores everything inside a single file, that can be read by IE. This stores all resources within the file as binary data.