Depends on your (actually, their, for example if it implies ephemeral server sessions) definition of “incognito”. But if you mean “incognito” as in “private browsing”, it makes no difference (as it has no server side impact whatsoever).
A file is a file, a remote database entry is a remote database entry. You need both gone (and securely deleted, as in srm(1), to be really and irredeemably logged off).
Admittedly, secure deletion doesn’t really matter on the server side, as restoring deleted files require filesystem level access on the server, and if an attacker has that, you’ve got other things to worry about.
What about incognito sessions?
Depends on your (actually, their, for example if it implies ephemeral server sessions) definition of “incognito”. But if you mean “incognito” as in “private browsing”, it makes no difference (as it has no server side impact whatsoever).
A file is a file, a remote database entry is a remote database entry. You need both gone (and securely deleted, as in
srm(1), to be really and irredeemably logged off).Admittedly, secure deletion doesn’t really matter on the server side, as restoring deleted files require filesystem level access on the server, and if an attacker has that, you’ve got other things to worry about.
Yeah, that’s what I was curious about, the security issues you mentioned as I wasn’t clear in my understanding until now. Thanks.