Philippine News | Latest | Local | Showbiz | Weather | Newspapers | Holidays

Blog Archive

Categories

1 trillion pageviews (1) 10.1-inch (1) 3D (1) 3D glasses (1) 3D Vision (1) 9mm (1) A5 chip (1) ABS-CBN (6) add-ons (1) Adobe (2) Adobe Flash Player 11 (1) Adobe Max (1) Adobe Touch (1) Advertising (1) Air Philippines (1) Amazon Kindle 2011 (1) Android (7) angry birds (1) angry birds and sesame street (1) angry birds download (1) Anniversary (2) anonymous activists (1) anonymous browsing (1) antitrust (1) antivirus 2012 (1) app for energy use (1) Apple (7) Apple A5 (1) apple ceo (1) Apple iPhone 5 (1) Apple launch (1) apple new ceo (1) Apple Talk (1) Apples latest and greatest A5 silicon (1) ARM processors (1) asian computer companies (1) asilo tagaytay (1) AVG (1) AVG Anti-Virus Free 2012 v12.0.1796 (1) avida (1) BBC News (1) Blackberry (1) Blackberry issues (3) blackberry news (3) blacklist (1) Blogger News (7) Blogger Tricks (8) Blogging (7) Breaking News (118) browser (1) browsers (3) Browsers and extensions (3) business merge (1) Cagayan de Oro (2) Cagayan de Oro City (2) Cava22 (1) CdeO (2) CDO city (2) Cebu Pacific (1) ceo mac (1) ceo of apple (1) ceo of mac (1) child pornography stopped (1) chrome (1) CNET (1) cnn news technology (2) CNN. com (1) Company deals (1) compatibility (1) Consumer software and hardware (1) Content and publishing (1) Crave (1) Criminal Hackers (2) CSS (1) Daily Readings (2) dekstop (1) Department of Justice (1) developers (1) Digital Home (1) dolphin (1) dolphin hd (1) Doodle (1) downloads (1) Droid Bionic (1) Droid Razr (2) Earthquake in the Philippines (3) electricity news (1) Emerging tech (1) energy use (1) Erroneous SSL (1) extensions (1) F8 (1) F8 2011 (1) Facebook (10) facebook and OPOWER (1) facebook apps (2) facebook includes music (1) facebook new layout (1) facebook news (6) facebook scams (1) Facebook Tricks (6) faster scans (1) Fennec (1) Filipino Music (1) firefox (4) firefox 7 (1) firefox 7 beta 6 (1) firefox 7 beta 6 download (1) firefox 7 download (1) firefox 7 ftp (1) firefox beta (1) Fires in the Philippines (2) Flash (1) Flickr (1) free download (2) freeware (1) Gadget news (1) Galaxy Nexus (1) Galaxy Note (1) Galaxy S II (1) Galaxy Tab 7.0 Plus (1) Games (3) Globe Promo Offers (2) GMA (2) GMA News (1) Gogle 13th birthday (1) Google (8) Google Birthday (1) Google Doodle (5) Google news (1) google vs. facebook (1) Google Wallet (1) Google Wallet Launch (1) Google+ (2) Gumby (1) Gumbyworld (1) Hacked SSLs (1) hackers (1) highest pageviews (1) history of facebook (1) hitachi news (1) Hollywood (1) honeycomb (1) housing (1) HTML5 (2) Ice Cream Sandwich (2) ie (1) IFA Berlin 2011 (1) International News (26) internet (4) Internet vigilantes (1) iOS (4) iOS 5 (1) iPad 2 (1) iPhone (1) iPhone 4S (3) iphone 5 (1) iPhone is missing (1) Ireland (1) japanese businesses merge (1) joint venture technology (1) Latest Dota Maps (3) latest gadgets (1) Latest News in the Philippines (149) latest news on computers (1) latest news on windows (1) Latest on SSL Errors (1) lawsuit (1) Lenovo IdeaPad Y570 (1) LET Exam (4) LET Review Documents (1) LG Nano LED TV (1) Licensure Exams (1) Lightboost (1) Local News (61) Lotto results (1) mac ceo (1) mac new ceo (1) Mac Software (1) malware (1) Manny Pacquiao (3) market share (1) Mary Blair (1) Media (1) Media Edition (1) memory (1) Microsoft (1) microsoft partners with twitter (1) Microsoft Windows 8 operating system (1) Mindanao (2) mobile (1) Mobile Software (1) Motorola (3) Movies (1) Mozilla (2) music on facebook (1) music+facebook (1) Net Applications (1) Netflix (1) network failure (1) New features (1) new iphone (1) news update (1) Nexus (1) Nexus Prime (1) NFC (1) Nvidia 3D Vision 2 (1) Olympics 2012 (1) Open Graph (1) opera 11.1 download (1) opera for android download (1) opera mobile 11.1 for Android (1) opera mobile for android (1) OPOWER (1) Pablo (2) Panasonic 3D Lumix camera (1) Pantech Breakout (1) PCSO Lotto (1) performance (2) Peripherals (1) Philippine Airlines (1) Philippine Holidays (3) philippine lotto (1) Philippine Newspaper (4) Philippine Stock Exchange (4) Philippine Storms (2) Philippine Weather (89) Philippines (20) Phishing (1) Photography (1) Photos (1) Photoshop (1) Pixar (1) platform (1) Policy Tags: android (1) porn (1) PRC News (5) preorders (1) privacy (2) Privacy and data protection (1) Privacy Inc. (1) programming (2) psychology (1) Qualcomm 3G chip (1) rapid release (1) research (1) Samsung (3) Samsung Galaxy S II (1) Samsung Galaxy Tab 10 (1) Samsung Galaxy Tab 7.7 (1) Samsung Galaxy Tab 8.9 (1) Samsung Series 7 all-in-one (1) San Francisco (1) Security (2) Self help (3) sesame street (1) sex (1) Showbiz News (17) Skype (1) SMART Promo Offers (2) social networks (2) Software (2) software release (1) Sony Ericsson Arc S (1) Sony Ericsson Xperia Arc (1) Sony Ericsson Xperia Play 4G (1) Sony HDR-PJ10 (1) sony hitachi tohiba merge (1) sony news (1) Sports News (7) SSL Error (1) Steve Jobs (1) Steven Sinofsky (1) Storm Pablo (2) Stratosphere (1) subscribe in facebook (1) tablet (1) tablets (1) Tech News (11) Technology Blogs (1) technology news (2) tim cook (1) Timeline (2) Topics: Corporate and legal (1) TOR (1) toshiba news (1) Toshiba no-glasses 3D TV (1) Toshih 10.1-inch Android tablet (1) Touch Apps (1) Toy Story (1) tracking (1) Tropical Storm (2) twitter+facebook (1) TypeKit (1) UFC News (1) unreleased iPhone (1) update (1) web browsers (1) Websense (1) Website Development (5) Websites Hacked (1) Why facebook has SSL Errors (1) windows 8 (1) windows 8 update (1) windows latest (1) Windows Software (1) Xoom 2 (1) Xtravo (1) Xtravo web browser (1) XUL (1) Yahoo (1) Zest Air (1) zuckerberg (1) Zynga (1)

Security Issues with Dolphin HD Browser

Tapping the designated corner in the Dolphin HD browser will let you control many browser functions with gestures.(Credit: Screenshot by Seth Rosenblatt/CNET)
The makers of a popularmobile browser called Dolphin HD confirmed that their software leaks the addresses of all Web sites a user visits, a potential privacy and security breach.

MoboTap, a Pasadena, Calif.-based mobile developer, told CNET today that Dolphin HD forAndroid transmitted the Web addresses back to the company's servers but that they were not stored. The addresses were used to determine whether to format Web pages in "Webzine" format, MoboTap said.

The privacy and security implications arise when a user connects to a secure Web site (usually shown by "https://" and a closed lock icon). The second, surreptitious connection to MoboTap is unencrypted, allowing an eavesdropper on a Wi-Fi network to learn what's happening.

"In some cases, if you knew the URL you can take over the user's session," says Seth Schoen, staff technologist at the Electronic Frontier Foundation, which has advocated the adoption of encrypted Web browsing to thwart eavesdroppers.

Alan Cooper, a spokesman for MoboTap, downplayed the impact of the security snafu, saying that "we've never stored anyone's user data" and have no intention to do so.

In a blog post, MoboTap said that: "With roughly 300 Webzines supported at the moment, it was necessary for the client to check the current user URL against a database housing these 300 Webzine columns... In terms of security, on a scale from one to ten, this is a zero."

EFF's Schoen disagrees. "I wish browser vendors would think things like this through before implementing them," he said. "It seems like they could have forseen the security implications of it."

Cooper said that "the issue has been 100 percent fixed already" in Android Market update 7.0.1. A post on a developer's forum, however, says 7.0.1 "still forwards URLs." Cooper said he would bring this to the attention of the developers for them to "double-check."

He added, in an e-mail message, that:

Dolphin didn't collect any device data in the API request, and doesn't know which clients are being used. The request was served only to crosscheck the URL against the availability of a corresponding Webzine. Using https for this functionality (which will become an opt-in service with accompanying notification of URL pinging) is a great suggestion and we'll be working it into future versions.
Another privacy implication is that MoboTap was also notified what files you're using Dolphin HD to browse even on your computer. A post on AndroidPolice.com suggested one way to fix the problem would be to block connections to the MoboTap-operated Web site, en.mywebzines.com.

Dolphin is a popular gesture-based browser for iOS and Android devices (see CNET's coverage last month when theiPad version was released, a video review, and our "how-to" report on browsing with gestures). Dolphin HD received an average rating of 4.6 out of 5 in the Android Market.

Update 2:10 p.m. PT: Just got e-mail from MoboTap representative Alan Cooper: "It came to our attention that yesterday's hot fix did not fix the URL concern, and we've just published version 7.0.2, which fixes all URL issues. It's just been pushed to the Market, and all users should be seeing it rolled out as an update shortly."

Source: http://news.cnet.com/8301-31921_3-20127195-281/dolphin-hd-browser-snared-in-security-breach/?part=rss&tag=feed&subj=PrivacyInc.

0 comments:

Post a Comment

Share

Widgets

TRY THESE OTHER INTERNET BROWSERS