[PRIVACY] WARNING: Dolphin's collection of your browsing history


Fnorder

Senior Member
Nov 8, 2008
153
327
Lake Vostok
If it weren't for things like this, I'd still be a fan of Dolphin Browser.

Ever since the 'webzine' 'feature' came out (in version 6), this app forwards the URL of:
:mad: Every link you click.
:mad: Every search you enter.
:mad: Every page you load.

To: http://en.mywebzines.com/v3/columns?u=(URLencodedURL)&t=(TIMESTAMP)

This includes:
:mad: SSL URLs.
:mad: QUERY_STRINGS.
:mad: IP addresses on private networks and file:// urls.

In addition, when I mentioned this on http://blog.dolphin-browser.com, the comment awaited moderation for two days before being deleted. I've yet to receive an email.

Proof:
Code:
[root@phone]~# ngrep -P '!' -lq -R -W single -M '(^GET|^POST|^Host:|^[^ ]ookie:)' "tcp port 80"
interface: eth0 (10.23.1.0/255.255.255.0)
filter: (ip or ip6) and ( tcp port 80 )
match: (^GET|^POST|^Host:|^[^ ]ookie:)


T 10.23.1.220:60126 -> 107.20.41.53:80 [AP] GET /v3/columns?u=http%3A%2F%2F10.23.1.254%2F&t=1319574537635 HTTP/1.1!!Authorization: cd7f573ec9e6e865a28aaab7a1793796!!Accept-Encoding: gzip!!Host: en.mywebzines.com!!Connection: Keep-Alive!!!!

(less spammy proof)
 [G] www.google.com:80/search?q=wut
 [G] en.mywebzines.com:80/v3/columns?u=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwut&t=1319574984926
 [G] en.mywebzines.com:80/v3/columns?u=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwhat%2Bis%2Bthis%2Bi%2Bdont%2Beven&t=1319575011872
 [G] en.mywebzines.com:80/v3/columns?u=file%3A%2F%2Fsdcard%2Fdata%2Fhome.html&t=1319575109160

Stick this in your /system/etc/hosts to make the Orwellian nightmare stop. This will break webzine 'functionality', and is only possible on rooted phones:
Code:
127.0.0.1 en.mywebzines.com mywebzines.com

Alternatively, here is how to remove this via APKTool:
Code:
* apktool d mobi.mgeek.TunnyBrowser-1.apk
* apply this patch to smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali

#####
--- orig-7.0/smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali 2011-10-22 11:41:43.000000000 +0000
+++ mobi.mgeek.TunnyBrowser-7/smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali        2011-10-22 11:40:18.000000000 +0000
@@ -2189,7 +2189,7 @@
 
     .line 576
     :cond_2
-    invoke-direct {p0, p1, v0}, Lmobi/mgeek/TunnyBrowser/WebViewCallbackHandler;->a(Lcom/dolphin/browser/core/IWebView;Ljava/lang/String;)V
+#    invoke-direct {p0, p1, v0}, Lmobi/mgeek/TunnyBrowser/WebViewCallbackHandler;->a(Lcom/dolphin/browser/core/IWebView;Ljava/lang/String;)V
 
     goto :goto_0
 .end method
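Review bot: the `#` placed in front of the `invoke-direct` after `:cond_2` disables only this one call to `WebViewCallbackHandler;->a(Lcom/dolphin/browser/core/IWebView;Ljava/lang/String;)V`; the method body is left in place, so any other call site would still reach it. Since the target is identified only by the single-letter name `a` and its signature, and the hunk is pinned to offset 2189 of the 7.0 smali, check the signature before applying this to another build, search the decompiled tree for further invocations of the same method, and after rebuilding confirm with the same ngrep capture that no request to en.mywebzines.com is made.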
#####

I would attach an .apk of dolphin cleansed of its spyware AIDS, however I'm not sure if the mods would like that. :mad:

update:
Modified APKs posted http://xdaforums.com/showpost.php?p=18799432&postcount=61
update: Fiasco appears on http://www.androidpolice.com/2011/1...e-you-visit-to-a-remote-server-in-plain-text/
update: Dolphin writes blog post claiming data is not retained, and that 'feature' is disabled. Latest market version (7.0.1/id105) appears, still forwards urls.
update: Version 7.0.2 (id 106) no longer forwards urls.
 
Last edited:
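
An added example, not part of the original post: a Python sketch that decodes the `u` and `t` parameters of the `/v3/columns` requests shown in the capture above and tags what each forwarded URL exposes. The function names and tag labels are assumptions made for this illustration; the sample lines are copied from the post, with the ngrep headers abridged.

```python
import ipaddress
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Lines copied from the capture in the post (ngrep headers abridged).
CAPTURE = [
    "T 10.23.1.220:60126 -> 107.20.41.53:80 [AP] GET /v3/columns?u=http%3A%2F%2F10.23.1.254%2F&t=1319574537635 HTTP/1.1!!Host: en.mywebzines.com!!",
    " [G] www.google.com:80/search?q=wut",
    " [G] en.mywebzines.com:80/v3/columns?u=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwut&t=1319574984926",
    " [G] en.mywebzines.com:80/v3/columns?u=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwhat%2Bis%2Bthis%2Bi%2Bdont%2Beven&t=1319575011872",
    " [G] en.mywebzines.com:80/v3/columns?u=file%3A%2F%2Fsdcard%2Fdata%2Fhome.html&t=1319575109160",
]

BEACON = re.compile(r"/v3/columns\?(\S+)")

def decode_beacon(line):
    """Return the forwarded URL, its timestamp and exposure tags, or None."""
    match = BEACON.search(line)
    if not match or "mywebzines.com" not in line:
        return None
    params = parse_qs(match.group(1))
    if "u" not in params:
        return None
    url = params["u"][0]                      # parse_qs undoes the URL-encoding
    parts = urlsplit(url)
    tags = []
    if parts.scheme == "https":
        tags.append("https-url")              # path and query normally hidden by TLS
    if parts.scheme == "file":
        tags.append("local-file")
    if parts.query:
        tags.append("query-string")
    try:
        if ipaddress.ip_address(parts.hostname or "").is_private:
            tags.append("private-ip")
    except ValueError:
        pass                                  # hostname is a name, not an IP literal
    when = None
    if params.get("t", [""])[0].isdigit():    # t is milliseconds since the epoch
        when = datetime.fromtimestamp(int(params["t"][0]) // 1000, tz=timezone.utc)
    return {"url": url, "when": when, "tags": tags}

def decode_capture(lines):
    """Decode every beacon request found in a list of capture lines."""
    return [hit for hit in map(decode_beacon, lines) if hit]

if __name__ == "__main__":
    for hit in decode_capture(CAPTURE):
        print(hit["when"], hit["tags"], hit["url"])
```

The same function can be run over a proxy or ngrep log from a test device to confirm whether a given build still sends these requests.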

Fnorder

Senior Member
Nov 8, 2008
153
327
Lake Vostok
While I have no proof dolphin == mywebzines, they conveniently share the same hosting and dns providers (both domains are registered via proxy)
Code:
[root@vm]~# for i in $(host -t a dolphin-browser.com|awk '{print $NF}');do host $i;done
89.249.19.50.in-addr.arpa domain name pointer ec2-50-19-249-89.compute-1.amazonaws.com.
[root@vm]~# for i in $(host -t a en.mywebzines.com|awk '{print $NF}');do host $i;done
77.123.17.50.in-addr.arpa domain name pointer ec2-50-17-123-77.compute-1.amazonaws.com.
185.179.17.50.in-addr.arpa domain name pointer ec2-50-17-179-185.compute-1.amazonaws.com.
58.30.19.50.in-addr.arpa domain name pointer ec2-50-19-30-58.compute-1.amazonaws.com.
167.175.19.50.in-addr.arpa domain name pointer ec2-50-19-175-167.compute-1.amazonaws.com.
93.246.101.75.in-addr.arpa domain name pointer ec2-75-101-246-93.compute-1.amazonaws.com.
53.41.20.107.in-addr.arpa domain name pointer ec2-107-20-41-53.compute-1.amazonaws.com.
205.64.72.184.in-addr.arpa domain name pointer ec2-184-72-64-205.compute-1.amazonaws.com.
119.178.72.184.in-addr.arpa domain name pointer ec2-184-72-178-119.compute-1.amazonaws.com.
156.2.73.184.in-addr.arpa domain name pointer ec2-184-73-2-156.compute-1.amazonaws.com.
33.95.17.50.in-addr.arpa domain name pointer ec2-50-17-95-33.compute-1.amazonaws.com.
[root@vm]~# host -t ns mywebzines.com;host -t ns dolphin-browser.com
mywebzines.com name server ns2.dnsv5.com.
mywebzines.com name server ns1.dnsv5.com.
dolphin-browser.com name server ns1.dnsv4.com.
dolphin-browser.com name server ns2.dnsv4.com.
[root@vm]~#
 

lexluthor

Senior Member
Feb 7, 2007
1,927
204
Subscribed.

As a Dolphin user, I'm interested to see where this goes.

Maybe you can get the adfree android developer to add en.mywebzines.com to the next hosts file update and problem solved (for adfree users, at least).
 

Fnorder

Senior Member
Nov 8, 2008
153
327
Lake Vostok
Subscribed.

As a Dolphin user, I'm interested to see where this goes.

Maybe you can get the adfree android developer to add en.mywebzines.com to the next hosts file update and problem solved (for adfree users, at least).

Doesn't adfree allow custom entries?

I still use dolphin 4 as it has the best UI on android...especially after the modifications I've made. Unfortunately since it's free of admob and mobosquare code I'd probably get in trouble for posting it :D
 

Rico ANDROID

Senior Member
Mar 23, 2011
342
15
In my DELL Streak
Uninstalling today

Nice work. I'll keep watching this thread.

Makes you wonder why Google is still allowing Dolphin to stay in their catalog.... Uninstalling today!

Hmmmmph!

grump.jpg
 

_Raziel666

Senior Member
Jun 15, 2011
727
209
Athens
If we add this address to the hosts file, won't the problem be solved?

Thanks for bringing this up anyways! :)
 

Thee GOC

Senior Member
Oct 30, 2010
63
7
Chicago
Uninstalling now, and too bad, I like their setup. Guess I will be shopping around for another browser.

Plus interested in seeing where this will go.
 

Fnorder

Senior Member
Nov 8, 2008
153
327
Lake Vostok
I recommend Boat Browser. It's very smooth and clean. I switched to it from dolphin and I've never looked back.

I use Boat Browser, very clean.. none of the concerns and bloatware mentioned.:)

I remember trying boat. It failed my evaluation on two counts: The lower button bar wouldn't go away, and it constantly posted data to http://www.umeng.com/app_logs

Code:
 [P] www.umeng.com:80/app_logs
   post: T 10.23.1.220:38582 -> 211.151.139.246:80 [AP] H!}![K!1!!!!!'!!!K!7!A!!E!E|!Y!d!.M!!!H-!!N!!!!}!!!!sfV{!!!!!d!!!!!!#!I!v V-!!!(k!!T!k!!!!!2!j!!"G!A!!!5!A>!!!]!!`K!Tk!!!!`!!!!J^!XdT!jC!!!!!D!!&5C!!:W=!!S!!e D!!!!!g!G!!!!!!O!c!<!!!!!I!1!!!X!!!z!!!!!!1!!4#!!!!!!!!!0>!!!C{4%!:o!~!!!!!!tJ!!!!!!]!!!!!!!!!!!!!!!!!!!C!C!!!!!qY!!5[#!M!!K(+*s!!!PI!u!!/J!!q!0!!!-!!!=?!g!!!Q\!!w!!!R!!!!!0!G3-V2!!U!m!5!q![!j!g!!Z9w!!eV!oC!!od!!!

I've not sifted through smali code to see -what- gets posted, but it does so every time you do something.
 

Top Liked Posts

    17
    I've had so many requests for them via pm....

    7.0 cleaned: http://qfs.mobi/f40936 : Not renamed, but resigned, so the original (and all plugins and themes) will need to be uninstalled

    4.0 modded: http://qfs.mobi/f40949 : Renamed, won't need to uninstall original. This one has a number of tweaks to UI behavior, and extra functionality (Custom search URL, customizable bookmarklet button, unlimited tabs) 'exit' menu option closes tab, so hold back to exit. All admob/analytics/mobosquare code removed.

    (if mods -do- object, apologies ahead of time :p)
    13
    This is old and Dolphin have explained this!
    It's no longer an issue.

    Stop defending Dolphin by propagating their public relations spin.

    The whole truth is that Dolphin now encrypts the data that they phone home. That does not fix the privacy issue. They made a completely incompetent and bonehead move phoning home all URLs in plain text, even https URLs which should always be encrypted as they contain sensitive information like passwords. It is true they stopped that idiocy, but you are ignoring what is really happening now.

    Look at this analysis of the current version of Dolphin Browser:
    http://mobilesandbox.org/xml_report_static/?q=357932

    android.permission.READ_LOGS [basically no app should have this]
    android.permission.RECEIVE_BOOT_COMPLETED [why is your browser starting on boot?]
    android.permission.READ_CONTACTS [you want your browser to read your contacts?]
    android.permission.RECORD_AUDIO [you want your browser to record audio?]
    android/telephony/TelephonyManager;->getDeviceId [to identify you]
    getSubscriberId [to identify you]
    Execution of external commands [scary]
    Cipher(AES/ECB/PKCS5PADDING) [now they encrypt data]
    Cipher(DES/CBC/PKCS5Padding) [they learned not to send it in plain text]
    Cipher(RSA/ECB/PKCS1Padding) [encrypted so we cannot know what they collect]
    HttpPost [and phoning home]


    That is not even all of the garbage brought to light by that report. Dolphin's developers should be ashamed of themselves and its users need to learn the whole truth. Look at their so-called privacy policy, for example.

    If your argument is "Google spies, so what" then you need to wise up. For one, Google is a large and well-known public company that does face repercussions for violating privacy. Dolphin is...not.

    Second, even if you do not care about your privacy--and you should--spying wastes battery power, bandwidth, and CPU cycles. No one needs more garbage on their device.
    8
    Thank you for all your comments.
    We are delighted that our user community is growing to new heights daily. We continue to learn from you, our users, and will always be responsive to your comments.
    Here we promised we never stored user data. Please check here to know more details. blog.dolphin-browser.com/2011/10/27/webzine-does-not-store-user-data/

    Dolphin Browser

    I'm torn between cynicism and my hope that this -is- innocent, so I'll go with both in my reply.

    The way you guys dealt with previous attempts at calling this to your attention - ignoring emails and outright deleting my blog comment - cast the honesty of your organization into doubt (in my mind at least, I cannot prove this part of the affair). I find myself in doubt that dolphin would have (claimed to have) taken action had this issue not appeared on major android news sites such as http://www.androidpolice.com/2011/1...e-you-visit-to-a-remote-server-in-plain-text/

    You -say- data is not collected, but I do not have access to your server and thus cannot verify that browsing history (juicy marketing data) is not retained (this includes access_log), I only have the promise of an organisation that has not earned my trust. (And I would not trust Mozilla with this)

    As you can see, people consider browsing history sensitive data, it is -not- a zero on a scale of 1-10 as stated in your blog, especially for those of us that make use of url obscurity. (HTTPS requests secure host and path, this was defeated with dolphin)

    That said, while I'm pleased that you -say- steps are being taken, I can confirm that:
    version 7.0.1 (build id 105) still forwards urls like version 6-7.0.0 (id 103) have done. In addition, unlike v7.0.0(103) from getjar, it nagged me to rate it, thus I have bumped my one star security warning.

    Assuming you will actually fix this:

    Making this opt-in is good, provided it's opt-in and explains the security considerations clearly.

    Alas, were I not so dependent on the features I added to 4.x, I'd still find myself analysing traffic with a packet sniffer and scouring smali code each time a Dolphin upgrade were made available. I would not do this for firefox or opera, as they've proven themselves to recognize browser security and privacy as Serious Business.

    Since you have claimed to disable this, and have yet to actually do so, you prove the opposite with each passing minute.