Tag Archive : 爱上海Nasrin

/ 爱上海Nasrin

Dolphin Browser slammed for sharing web history

September 21, 2019 | mfhfzdun | No Comments

first_imgThe new webzine reading mode in Dolphin Browser for Android was a nice feature addition. It formats pages on supported websites nicely for reading on mobile devices… but it was doing something else that wasn’t nearly as good: passing your browsing history back to their servers using an unencrypted channel.The EFF was all over Dolphin like hair on Troy Polamalu for the gaffe, saying that — apart from being a privacy violation — it could allow an attacker to take over a user’s browsing session. That last bit is no surprise, really. Remember Firesheep? With the snooping add-on installed in Firefox, a mischievous user could hijack session data from just about any browser passing unencrypted data.As for the ding on Dolphin’s attention to privacy concerns, webzine mode didn’t appear to be passing any information that your ISP or corporate firewall — or even Google Analytics code in the sites you’re visiting — wouldn’t be gathering anyway.Nevertheless, Dolphin developer MoboTap didn’t offer a very clear explanation as to what was going on. While their original blog response mentioned that no webzine data was ever stored on Dolphin servers, the issue of insecure transmission appeared to have been overlooked. And when a pair of minor updates were delivered to the Android Market and fixed the issue, Dolphin neglected to provide any details on the second update to clarify what was being fixed.The way webzine works is very similar to how Amazon’s Silk browser and Opera Turbo work: page data is sent to a remote server first where it is then analyzed, formatted, and then passed back to the user. Silk, however, has already been given the EFF’s stamp of approval before it even debuted publicly on the Kindle Fire — and Opera has had years to make sure the bugs have been worked out of Turbo. Webzine is a new feature, and one that helps make Dolphin one of the best mobile browsers around. It’s clear that MoboTap does care about its users and their privacy from the speed with which they implemented the fixes once this issue was reported.More at Cnetlast_img read more