[PRIVACY] WARNING: Dolphin's collection of your browsing history

Fnorder

Senior Member
Nov 8, 2008
153
327
0
Lake Vostok
If it weren't for things like this, I'd still be a fan of Dolphin Browser.

Ever since the 'webzine' 'feature' came out (in version 6), this app forwards the URL of:
:mad: Every link you click.
:mad: Every search you enter.
:mad: Every page you load.

To: http://en.mywebzines.com/v3/columns?u=(URLencodedURL)&t=(TIMESTAMP)

This includes:
:mad: SSL URLs.
:mad: QUERY_STRINGS.
:mad: IP addresses on private networks and file:// urls.

In addition, when I mentioned this on http://blog.dolphin-browser.com, the comment awaited moderation for two days before being deleted. I've yet to receive an email.

Proof:
Code:
[[email protected]]~# ngrep -P '!' -lq -R -W single -M '(^GET|^POST|^Host:|^[^ ]ookie:)' "tcp port 80"
interface: eth0 (10.23.1.0/255.255.255.0)
filter: (ip or ip6) and ( tcp port 80 )
match: (^GET|^POST|^Host:|^[^ ]ookie:)


T 10.23.1.220:60126 -> 107.20.41.53:80 [AP] GET /v3/columns?u=http%3A%2F%2F10.23.1.254%2F&t=1319574537635 HTTP/1.1!!Authorization: cd7f573ec9e6e865a28aaab7a1793796!!Accept-Encoding: gzip!!Host: en.mywebzines.com!!Connection: Keep-Alive!!!!

(less spammy proof)
 [G] www.google.com:80/search?q=wut
 [G] en.mywebzines.com:80/v3/columns?u=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwut&t=1319574984926
 [G] en.mywebzines.com:80/v3/columns?u=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwhat%2Bis%2Bthis%2Bi%2Bdont%2Beven&t=1319575011872
 [G] en.mywebzines.com:80/v3/columns?u=file%3A%2F%2Fsdcard%2Fdata%2Fhome.html&t=1319575109160
Stick this in your /system/etc/hosts to make the Orwellian nightmare stop. This will break webzine 'functionality', and is only possible on rooted phones:
Code:
127.0.0.1 en.mywebzines.com mywebzines.com
Alternatively, here is how to remove this via APKTool:
Code:
* apktool d mobi.mgeek.TunnyBrowser-1.apk
* apply this patch to smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali

#####
--- orig-7.0/smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali 2011-10-22 11:41:43.000000000 +0000
+++ mobi.mgeek.TunnyBrowser-7/smali/mobi/mgeek/TunnyBrowser/WebViewCallbackHandler.smali        2011-10-22 11:40:18.000000000 +0000
@@ -2189,7 +2189,7 @@
 
     .line 576
     :cond_2
-    invoke-direct {p0, p1, v0}, Lmobi/mgeek/TunnyBrowser/WebViewCallbackHandler;->a(Lcom/dolphin/browser/core/IWebView;Ljava/lang/String;)V
+#    invoke-direct {p0, p1, v0}, Lmobi/mgeek/TunnyBrowser/WebViewCallbackHandler;->a(Lcom/dolphin/browser/core/IWebView;Ljava/lang/String;)V
 
     goto :goto_0
 .end method
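Review bot: commenting out the invoke-direct under :cond_2 (.line 576) removes only this one call to WebViewCallbackHandler;->a(IWebView, String); the method itself stays in the class, so any other call site would still reach it. Before rebuilding, search the decompiled smali tree for other invocations of the same method signature. The single-letter method name and the 2189 offset belong to the 7.0 build named in the file header, so on any other version locate the call again instead of applying the hunk by position.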
#####
I would attach an .apk of dolphin cleansed of its spyware AIDS, however I'm not sure if the mods would like that. :mad:

update:
Modified APKs posted http://forum.xda-developers.com/showpost.php?p=18799432&postcount=61
update: Fiasco appears on http://www.androidpolice.com/2011/1...e-you-visit-to-a-remote-server-in-plain-text/
update: Dolphin writes blog post claiming data is not retained, and that 'feature' is disabled. Latest market version (7.0.1/id105) appears, still forwards urls
update: Version 7.0.2 (id 106) no longer forwards urls.
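
One way to triage a proxy or capture log for this beacon, as an added example that is not part of the original post: it decodes the `u` parameter of each request to the endpoint named above and tags the forwarded URL by the categories the post lists. The function names and tag labels are assumptions; the endpoint and log layout are the ones shown in the post.

```python
import ipaddress
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

BEACON_HOST, BEACON_PATH = "en.mywebzines.com", "/v3/columns"  # from the post

# Lines 1-4 are the post's own log excerpt; line 5 is constructed from its
# ngrep capture, rewritten into the same "[G] host:port/path" layout.
SAMPLE_LOG = """\
 [G] www.google.com:80/search?q=wut
 [G] en.mywebzines.com:80/v3/columns?u=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwut&t=1319574984926
 [G] en.mywebzines.com:80/v3/columns?u=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dwhat%2Bis%2Bthis%2Bi%2Bdont%2Beven&t=1319575011872
 [G] en.mywebzines.com:80/v3/columns?u=file%3A%2F%2Fsdcard%2Fdata%2Fhome.html&t=1319575109160
 [G] en.mywebzines.com:80/v3/columns?u=http%3A%2F%2F10.23.1.254%2F&t=1319574537635
"""

def classify(url):
    """Tag what makes a forwarded URL sensitive (tag names are hypothetical)."""
    parts, tags = urlsplit(url), []
    if parts.scheme == "https":
        tags.append("ssl-url")
    if parts.scheme == "file":
        tags.append("file-url")
    if parts.query:
        tags.append("query-string")
    try:
        if ipaddress.ip_address(parts.hostname or "").is_private:
            tags.append("private-ip")
    except ValueError:  # hostname is a name, not an IP literal
        pass
    return tags

def find_forwarded_urls(log_text):
    """Return one record per beacon request found in the log."""
    records = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 2 or fields[0] != "[G]":
            continue
        req = urlsplit("http://" + fields[1])
        params = parse_qs(req.query)  # percent-decodes the values
        if (req.hostname, req.path) != (BEACON_HOST, BEACON_PATH) or "u" not in params:
            continue
        url = params["u"][0]
        millis = int(params.get("t", ["0"])[0])  # t is milliseconds since epoch
        when = datetime.fromtimestamp(millis / 1000, tz=timezone.utc)
        records.append({"url": url, "when": when.isoformat(), "tags": classify(url)})
    return records

if __name__ == "__main__":
    for rec in find_forwarded_urls(SAMPLE_LOG):
        print(rec["when"], rec["tags"], rec["url"])
```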

Fnorder

While I have no proof dolphin == mywebzines, they conveniently share the same hosting and dns providers (both domains are registered via proxy)
Code:
[[email protected]]~# for i in $(host -t a dolphin-browser.com|awk '{print $NF}');do host $i;done
89.249.19.50.in-addr.arpa domain name pointer ec2-50-19-249-89.compute-1.amazonaws.com.
[[email protected]]~# for i in $(host -t a en.mywebzines.com|awk '{print $NF}');do host $i;done
77.123.17.50.in-addr.arpa domain name pointer ec2-50-17-123-77.compute-1.amazonaws.com.
185.179.17.50.in-addr.arpa domain name pointer ec2-50-17-179-185.compute-1.amazonaws.com.
58.30.19.50.in-addr.arpa domain name pointer ec2-50-19-30-58.compute-1.amazonaws.com.
167.175.19.50.in-addr.arpa domain name pointer ec2-50-19-175-167.compute-1.amazonaws.com.
93.246.101.75.in-addr.arpa domain name pointer ec2-75-101-246-93.compute-1.amazonaws.com.
53.41.20.107.in-addr.arpa domain name pointer ec2-107-20-41-53.compute-1.amazonaws.com.
205.64.72.184.in-addr.arpa domain name pointer ec2-184-72-64-205.compute-1.amazonaws.com.
119.178.72.184.in-addr.arpa domain name pointer ec2-184-72-178-119.compute-1.amazonaws.com.
156.2.73.184.in-addr.arpa domain name pointer ec2-184-73-2-156.compute-1.amazonaws.com.
33.95.17.50.in-addr.arpa domain name pointer ec2-50-17-95-33.compute-1.amazonaws.com.
[[email protected]]~# host -t ns mywebzines.com;host -t ns dolphin-browser.com
mywebzines.com name server ns2.dnsv5.com.
mywebzines.com name server ns1.dnsv5.com.
dolphin-browser.com name server ns1.dnsv4.com.
dolphin-browser.com name server ns2.dnsv4.com.
[[email protected]]~#
 

lexluthor

Senior Member
Feb 7, 2007
1,932
204
0
Subscribed.

As a Dolphin user, I'm interested to see where this goes.

Maybe you can get the adfree android developer to add en.mywebzines.com to the next hosts file update and problem solved (for adfree users, at least).
 

Fnorder

Doesn't adfree allow custom entries?

I still use dolphin 4 as it has the best UI on android...especially after the modifications I've made. Unfortunately since it's free of admob and mobosquare code I'd probably get in trouble for posting it :D
 

Fnorder

I recommend Boat Browser. It's very smooth and clean. I switched to it from dolphin and I've never looked back.
I use Boat Browser, very clean.. none of the concerns and bloatware mentioned.:)
I remember trying boat. It failed my evaluation on two counts: The lower button bar wouldn't go away, and it constantly posted data to http://www.umeng.com/app_logs

Code:
 [P] www.umeng.com:80/app_logs
   post: T 10.23.1.220:38582 -> 211.151.139.246:80 [AP] H!}![K!1!!!!!'!!!K!7!A!!E!E|!Y!d!.M!!!H-!!N!!!!}!!!!sfV{!!!!!d!!!!!!#!I!v V-!!!(k!!T!k!!!!!2!j!!"G!A!!!5!A>!!!]!!`K!Tk!!!!`!!!!J^!XdT!jC!!!!!D!!&5C!!:W=!!S!!e D!!!!!g!G!!!!!!O!c!<!!!!!I!1!!!X!!!z!!!!!!1!!4#!!!!!!!!!0>!!!C{4%!:o!~!!!!!!tJ!!!!!!]!!!!!!!!!!!!!!!!!!!C!C!!!!!qY!!5[#!M!!K(+*s!!!PI!u!!/J!!q!0!!!-!!!=?!g!!!Q\!!w!!!R!!!!!0!G3-V2!!U!m!5!q![!j!g!!Z9w!!eV!oC!!od!!!
I've not sifted through smali code to see -what- gets posted, but it does so every time you do something.