Developed by UCWeb for Alibaba, UC Browser was released with the clear promise of offering similar Safe Browsing, but a report released by a security researcher states that Browser privacy is deceptive and poses a risk to the user.
When using reverse engineering to analyze the behavior of UC Browser, Gabriel Serlig found that both versions — to Android I iOS – Track data issued on every website the user visits, even if he is using anonymous mode.
As noted by the researcher, and later confirmed by Forbes professionals, data on browsing habits is sent to the servers of the Chinese developer UCWeb. This information includes the IP address, which can be used to track a user’s location.
Investigations reveal that the servers, although they are officially registered in China and provide the country’s “.cn” domain, are located in the United States. The machines store an identification number for each user, so their activity is monitored on any website they visit.
In the video below, the security researcher demonstrated this behavior through an Android device. Special information traffic detection software reported when accessing your website without trackers sending various encrypted data to the server to UCWeb.
By decoding this data, Cirlig finds that your IP address, the URL of the website you have visited and your numerical identity which stores all your Internet activity while using the browser.
Forbes contrasts this behavior with google chrome policy, which does not record any user data while browsing through an anonymous window. “This type of tracking [do UC Browser] This is done on purpose and without any consideration for user privacy,” Serlig said.
Alibaba, largest online trading company worldwide, and UCWeb has yet to comment on the matter.