Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dolphin, a 3rd Party Android Browser, Relayed URL Data

Posted by Soulskill on from the question-of-intent dept.

An anonymous reader sends this excerpt from AndroidPolice.com: "As it turns out, Dolphin HD, one of the top browsers the Android platform has to offer, sends pretty much every web page URL you visit, including those that start with https, to a remote server en.mywebzines.com, which belongs to the company. In fact, the WebZines feature was introduced only recently back in June with version 6.0, so it's safe to say this tracking started around the same time.'" The Dolphin team quickly responded with a blog post saying they did not store any of the data, and no browsing information was captured about users. They also rolled out a new version of the browser, 7.0.2, which fixed the issue.

23 of 179 comments (clear)

  1. Meaning... by Pharmboy · · Score: 5, Insightful

    When they say "fix", does that mean it doesn't send the info, or their sending of info is harder to trace?

    --
    Tequila: It's not just for breakfast anymore!
  2. Didn't store But by bobstreo · · Score: 2

    All the information according to articles was sent in plain text to the servers.

  3. Been reading about this for a few days now by Anonymous Coward · · Score: 5, Interesting

    ...over at xda-developers.com.

    http://forum.xda-developers.com/showthread.php?t=1319529

    That was their good deed for the week. Now for the bad deed of the week, they refuse to remove an ARP poisoning app so people can kill individual users on public wifi networks: http://forum.xda-developers.com/showthread.php?t=1282900

    Probably worthy of it's own /. article.

  4. Re:One more proof walled garden is better by WrongSizeGlass · · Score: 5, Informative

    Dolphin is available for iOS and offers the same WebZines "feature" ;-)

  5. When Google does it, it's OK, when Dolphin does it by impaledsunset · · Score: 5, Insightful

    is bad?

    How is that? Chrome already sends any URLs visited and anything you typed in the address bar to Google. The former is done to make a lookup in the database of malicious URLs (where other browsers such as Iceweasel store the database locally), the latter is done for the uses of Google Suggest.

  6. Re:When Google does it, it's OK, when Dolphin does by Nerdfest · · Score: 2

    It's a matter of being up-front about the fact that it's being done, and what is being done with the information.

  7. "Fixes" the issue? by Elyjah · · Score: 3, Insightful

    "They also rolled out a new version of the browser, 7.0.2, which fixed the issue."

    The word "fix" makes it sound like it was an unintentional error. The problem wasn't that the browser "accidentally" sent the data. The problem was that the company thought this would be okay in the first place. The real "fix" needed is ridding the company of the people who thought this was a good idea.

    1. Re:"Fixes" the issue? by Raenex · · Score: 5, Insightful

      The real fix is uninstalling this app because they abused your trust.

  8. Uninstalled. by Majik+Sheff · · Score: 2

    I don't care how fixed they say it is. They broke my trust, this app will never see my (or my friends') phones again.

    --
    Women are like electronics: you don't know how damaged they are until you try to turn them on.
  9. Shocking! by TheRaven64 · · Score: 5, Funny

    Android users signed up to be spied on by Google, not some random third party!

    --
    I am TheRaven on Soylent News
  10. Re:Chrome does the same by broken_chaos · · Score: 2

    If true, that's an odd way of doing it. Most other browsers maintain an offline database of 'unsafe' URLs, regularly updated, and only send the URL to a 3rd-party service for checking if it matches the database (in order to 'double check' that it's still considered unsafe, in case of any changes or updates since the last download).

  11. Re:Fixed? Issue? by Opportunist · · Score: 2

    Certainly. You should have never noticed that it happens. But it was fixed.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  12. I'm starting to wonder why people care by rsilvergun · · Score: 4, Interesting

    about tracking. Seriously. You're tracked EVERYWHERE you go. You know all those free email accounts? How about Facebook? Your Newegg account? Amazon.com? Yep. All Tracked. Moreover, are people so easily manipulated to their detriment that a little web tracking matters. I guess there's the big scary gov't. But seriously. If a modern gov't is tracking you it's more for the hell of it then any real need to use it to oppress. A modern military does all that by itself. I'm ten times more worried about the Unions disintegrating then I am over some twit advertiser knowing what I googled last week.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    1. Re:I'm starting to wonder why people care by Anonymous Coward · · Score: 2, Insightful

      So because others walk all over yourself you should let anyone walk all over yourself every day. What kind of stupid justification is that ?

  13. Re:When Google does it, it's OK, when Dolphin does by SharkLaser · · Score: 5, Insightful

    But Google IS NOT upfront about that, and it doesn't even ask if they are allowed to do so. It's enabled by default and without telling the user about it.

  14. Re:Chrome does the same by BZ · · Score: 2

    If you're doing HTTPS, the wireless carrier only knows the hostname, not the whole URL. Unless you're going through one of their proxies, of course.

  15. Re:people don't pay attention to privacy by icebraining · · Score: 3, Insightful

    It's a browser, so it's kinda hard to doubt it needs Internet access. How exactly are users supposed to know?

    --
    Dilbert RSS feed
  16. Re:Microsoft does this by SharkLaser · · Score: 2

    Well Google does it by default in Chrome and their toolbars, doesn't even ask for permission for it and sends every URL you visit and whatever you type into the url/search text box.

  17. Re:Changelog : "Some Bug Fixing" by MagicM · · Score: 2

    That must be an iPad-only version or something. Their other app for iOS (Dolphin Browser) has not been updated since September.

    They describe the webzine feature as something like the Reader functionality that was added in iOS 5:

    Webzine. Fast loading, without ads; Webzine simplifies the way you read your favorite news, blogs and websites.
    Effortless Browsing. Dolphin Webzine displays web articles in an elegant format without distractions. Scroll through thumbnail images to open one of 120+ channel subscriptions and = tap on any thumbnail image open to the article. From Elle to Wired, Webzine brings the elegance back to reading on the web.

  18. Re:One more proof walled garden is better by bonch · · Score: 3, Insightful

    Are you seriously suggesting that Slashdot has a pro-Apple, anti-Android bias? Do we visit the same Slashdot?

    To ignore the malware problem on Android is to deny a genuine negative aspect of the platform that needs to be talked about, regardless of how you feel about Apple products.

  19. Re:Approved app? by bonch · · Score: 2

    Again, it's the latest version of the Android app that does this.

  20. Re:When Google does it, it's OK, when Dolphin does by MacGyver2210 · · Score: 2

    When I first started my Android phone, Google asked me pretty plainly if I wanted to send location data or usage data. When I said no, it didn't send the data.

    Not sure what's hard about that. At least Google gave the option to disable it, unlike Apple.

    --
    If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
  21. Re:One more proof walled garden is better by Calibax · · Score: 2

    Except the iPad bypass bug is a minor issue. I tried it on my iPad 2. Yes, the bug does allow someone to bypass the login screen without the password, but the interloper can't run any applications. All he can do is browse to see which apps are installed on the device and change the volume - touching an icon to run an application has no effect.

    Furthermore, if you password protect your iPad with a normal password, rather than use the short four digit password mechanism, this exploit doesn't appear to work at all. It's not an issue that's going to keep me awake at nights.