Tuesday, 14 November 2017
UC BROWSER HAS BEEN REMOVED FROM PLAYSTORE
The uc browser UC BROWSER is now no longer on play store anymore
Uc browser removed from playstore due to malicious and insecure ads linking to UC broswer downloads
UC Browser is a web browser produced by UCWeb, which is owned by the gigantic Alibaba Group.
UC Browser is the most popular mobile web browser in China and India, boasting over 500 million users. This report provides a detailed analysis of how UC Browser manages and transmits user data, particularly private data, during its operation.
Our research was prompted by revelations in a document leaked by Edward Snowden on which the Canadian Broadcasting Corporation (CBC) was preparing a story.
The CBC contacted us requesting our comment. The document, apparently prepared in 2012 by Canada’s signals intelligence agency, the Communications Security Establishment (CSE), noted the existence of security vulnerabilities in UC Browser.
Given the Citizen Lab’songoing research into popular Asian communications tools, and the possibility of vulnerabilities affecting a large number of users, we decided to conduct an independent investigation of UC Browser.
While media outlets are publishing a story about the CSE document,
we cannot determine if the problems we identify in UC Browser and that are described in this report are identical to those referenced in the 2012 CSE document.
There's a lot of heavy, paid promotion done for UC Browser, but this is no small feat in any case. Interestingly,
the Play Store description pays special attention to a "cricket card feature," which should probably tell you this app isn't being marketed at Americans.
And recently uc browser hits 500million downlods in playstore
Research has found that UC Browser is not secure, and it has Privacy issues.
The UC Browser has many vulnerabilities.
According to Qualys SSL Lab test; Logjam, FREAK andPOODLE vulnerabilities are found in UC Browser.
UC Browser uses an outdatedRC4 cipher cryptography with outdated SSL 3 or even SSL 2 protocol which has many security flaws.
In 2015 it was revealed as part of theSnowden leaks that UC Browser leaks sensitive IMSI, IMEI, MSISDN data, Android ID, MAC address and users Geo-location & Wi-Fi related data without any encryption;
which was used by intelligence agencies to track users.
In May 2015, a research organization named the Citizen Lab[20]published news about leaking of privacy details of several UC Browser users. The organization tested two versions of UC Browser, one in English and the other in Chinese.
In May 2015, documents leaked by National Security Agency (NSA) whistleblower Edward Snowden revealed that the Australian Signals Directorate (ASD) had identified UC Browsers as a security weak point.
Its widespread use in China, India and Indonesia made it particularly attractive to ASD.
The documents revealed that in cooperation with its Five Eyespartners, ASD hacked the UC Browser and infected smartphones with spyware.
The ASD declined to comment in relation to the revelations.
In 2016, the Citizen Lab reported about major security and privacy issues in the English language and Chinese language editions of the Android version of UC Browser.
The report criticized the transmission of personally identifiable information to various commercial analytics tools and the transmission of user search queries without encryption.
They also managed to bypass the encryption of UC Browser accusing them of using non-effective encryption systems in transmitting personally identifiable subscriber data, mobile device identifiers and user geo-location data.
In May—June 2016, Alibaba group provided the Citizen Lab with updated versions of UC Browser in order to verify their security fixes to these issues.
The subsequent update published by the Citizen Lab indicated that, not all of the previously identified data leaks and privacy breaches had been fixed in UC Browser
UC Browser leaks users personal data. The Ministry of Electronics and Information Technology (MEITY) in India is currently investigating this privacy breach by Alibaba-owned UC Browser.
It has been alleged that the second most used browser in India has been sending user data to Chinese servers and that it retains control over a user's device DNS even after the browser is deleted.
FINALLY THE UC BROWSER IS NOT AVAILABLE ON PLAY STORE ANYMORE
Uc browser removed from playstore due to malicious and insecure ads linking to UC broswer downloads
UC Browser is the most popular mobile web browser in China and India, boasting over 500 million users. This report provides a detailed analysis of how UC Browser manages and transmits user data, particularly private data, during its operation.
Our research was prompted by revelations in a document leaked by Edward Snowden on which the Canadian Broadcasting Corporation (CBC) was preparing a story.
The CBC contacted us requesting our comment. The document, apparently prepared in 2012 by Canada’s signals intelligence agency, the Communications Security Establishment (CSE), noted the existence of security vulnerabilities in UC Browser.
Given the Citizen Lab’songoing research into popular Asian communications tools, and the possibility of vulnerabilities affecting a large number of users, we decided to conduct an independent investigation of UC Browser.
While media outlets are publishing a story about the CSE document,
we cannot determine if the problems we identify in UC Browser and that are described in this report are identical to those referenced in the 2012 CSE document.
There's a lot of heavy, paid promotion done for UC Browser, but this is no small feat in any case. Interestingly,
the Play Store description pays special attention to a "cricket card feature," which should probably tell you this app isn't being marketed at Americans.
And recently uc browser hits 500million downlods in playstore
Research has found that UC Browser is not secure, and it has Privacy issues.
The UC Browser has many vulnerabilities.
According to Qualys SSL Lab test; Logjam, FREAK andPOODLE vulnerabilities are found in UC Browser.
UC Browser uses an outdatedRC4 cipher cryptography with outdated SSL 3 or even SSL 2 protocol which has many security flaws.
In 2015 it was revealed as part of theSnowden leaks that UC Browser leaks sensitive IMSI, IMEI, MSISDN data, Android ID, MAC address and users Geo-location & Wi-Fi related data without any encryption;
which was used by intelligence agencies to track users.
In May 2015, a research organization named the Citizen Lab[20]published news about leaking of privacy details of several UC Browser users. The organization tested two versions of UC Browser, one in English and the other in Chinese.
In May 2015, documents leaked by National Security Agency (NSA) whistleblower Edward Snowden revealed that the Australian Signals Directorate (ASD) had identified UC Browsers as a security weak point.
Its widespread use in China, India and Indonesia made it particularly attractive to ASD.
The documents revealed that in cooperation with its Five Eyespartners, ASD hacked the UC Browser and infected smartphones with spyware.
The ASD declined to comment in relation to the revelations.
In 2016, the Citizen Lab reported about major security and privacy issues in the English language and Chinese language editions of the Android version of UC Browser.
The report criticized the transmission of personally identifiable information to various commercial analytics tools and the transmission of user search queries without encryption.
They also managed to bypass the encryption of UC Browser accusing them of using non-effective encryption systems in transmitting personally identifiable subscriber data, mobile device identifiers and user geo-location data.
In May—June 2016, Alibaba group provided the Citizen Lab with updated versions of UC Browser in order to verify their security fixes to these issues.
The subsequent update published by the Citizen Lab indicated that, not all of the previously identified data leaks and privacy breaches had been fixed in UC Browser
UC Browser leaks users personal data. The Ministry of Electronics and Information Technology (MEITY) in India is currently investigating this privacy breach by Alibaba-owned UC Browser.
It has been alleged that the second most used browser in India has been sending user data to Chinese servers and that it retains control over a user's device DNS even after the browser is deleted.
FINALLY THE UC BROWSER IS NOT AVAILABLE ON PLAY STORE ANYMORE
Subscribe to:
Post Comments
(
Atom
)
Good info bro. Keep updating
ReplyDeleteSure brother #roshan
ReplyDelete