Safari can keep your browsing history private. When you turn on private browsing, Safari doesn’t remember the pages you visit, your search history, or your AutoFill information, so your partner cannot see where you have been, but you must also remember to also turn off acceptance of cookies.
In all other respects Private Browsing is not as private as you might think:
http://www.switchingtomac.com/tutorials/how-to-make-safaris-private-browsing-fea ture-actually-private/
http://www.insanely-great.com/news.php?id=9054
and then Apple's own advice from here: http://www.apple.com/pro/tips/privacy_safari.html
"Note that the Private Browsing option does not prevent Safari from collecting cookies (the preference files automatically generated by many websites). The Reset Safari option clears all cookies. If you want to delete only certain ones, choose Preferences from the Safari menu, click the Security tab, and then click Show Cookies. You can select and delete individual cookies from the list that appears. Careful, though — if you’re a frequent web user, this list can be very, very long."
which is itself incomplete, the relevant part being 'If you want to delete only certain ones.
To that end it is useful to have Safari Cookies installed, which is the only cookie manager available for Safari:
http://sweetpproductions.com/safaricookies/
which automatically deletes all cookies not marked as 'favourites' when closing Safari. It does the same for Flash Cookies, but they are subject for themselves:
From this website:
http://machacks.tv/2009/01/27/flushapp-flash-cookie-removal-tool-for-os-x/
For those who do not know about Flash cookies, more properly referred to as Local Shared Objects (LSO), they operate in a similar way to regular browser cookies but are stored outside the purview of your browser, meaning you cannot delete them from within your browser, whether Safari, Firefox, Opera or any other. Typically they are issued from sites or 3rd party sites that contain Adobe Flash content. Since virtually all internet advertising is delivered in Flash, Google/Doudleclick and all other internet advertising companies are sure to be tracking your browsing behavior with Flash cookies. These companies can see you traverse the Internet as you come upon the plethora of sites that contain their embedded advertising. Check out the Wikipedia entry here.
In Mac OS X they are stored in the following location:
/User’s Home Folder/Library/Preferences/Macromedia/Flash Player/#SharedObjects
The settings for the Flash cookies are stored in:
/User’s Home Folder/Library/Preferences/Macromedia/Flash Player/macromedia.com/support/flashplayer/sys
In OS X Local Shared Objects, or Flash Cookies, are appended with a .sol suffix. Flush deletes all the Flash cookies (.sol) and their settings.
Flush can be downloaded from that page.
If you want to retain certain Flash cookies but not others, the excellent add-on for Safari called SafariCookies now includes a setting for automatically deleting flash cookies you don't want to retain, when Safari is shut down, in the same as it deals with ordinary cookies:
http://www.sweetpproductions.com/safaricookies/index.htm
which not only does that but much more equally useful stuff!
This article covers the issue in more depth:
http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
Flash cookies are also known as 'Zombie Cookies' and are used by a number of firms, including Hulu, MTV, and Myspace. Graham Cluley, senior technology consultant at the internet security firm Sophos, told BBC News that the source of the trouble was Adobe Flash itself, which he called "one of the weirdest programs on the planet".
"I think it's highly unlikely that these large companies have abused Flash cookies - which are different from browser cookies - with malicious intent," he said.
"I think it's much more likely that the vast majority of users are simply oblivious to the bizarre way in which Adobe allows them to configure the software."
http://www.bbc.co.uk/news/technology-10787882
And a more recent article:
http://www.nytimes.com/2010/09/21/technology/21cookie.html?_r=3&scp=1&sq=flash&s t=cse
[b]Tracker cookies and the invisible web:[/b]
– tags, web bugs, pixels and beacons that are included on web pages in order to get an idea of your online behavior.
Ghostery tracks the trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.
http://www.ghostery.com/about
This provides an extension to Safari (also available for other browsers) that shows you what data tracking is active on each web page you visit, and enables you to block them.