Browser privacy issue with DROID Incredible and HTC Sense UI widget?


An astute reader stumbled upon an interesting bug with the HTC Incredible. The Incredible, with Sense UI, will periodically store screenshots of the contents of your web browser. The screen captures are a function of the HTC Sense UI bookmark widget and are not the main issue; temporary screen grabs are understandable. The problem is these JPEG files are extremely hard to get rid of. They remain when the current browser session is closed, they remain after you clear the browser history, and they remain after a full factory reset. The JPEG files are saved to a folder named .bookmark_thumb1 which is located within the emmc folder of the phone's internal storage (so you would expect a full factory reset to delete them). We found some screenshots of us logged into Facebook, logged into our online banking website, and viewing several other mundane websites (see picture above) even after having completed a factory reset. We tested this on more than one stock, un-rooted HTC DROID Incredible and replicated it several times. While you can delete these images manually, information like this should be nuked with a factory reset, no? To be honest, seeing a screenshot of our logged-in banking session after a reset was a bit unnerving. Any DROID Incredible owners out there seeing the same thing?

UPDATE: HTC has acknowledged the issue and says a fix is in the works.

Thanks, Ben Nargi!
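
The manual cleanup mentioned above, combined with the placeholder-file workaround that commenters report below, as an added example (not from the original post or from HTC). It assumes the phone's storage is mounted on a computer at a path you pass in; the function names are made up for this example, and whether the placeholder stops the widget from writing new thumbnails rests on the commenters' reports.

```shell
#!/bin/sh
# Added example: audit and neutralise the Sense thumbnail cache on mounted storage.
# THUMB_DIR is the folder name given in the article; the mount point is an
# assumption supplied by the caller (e.g. where the emmc volume or SD card mounts).
THUMB_DIR=".bookmark_thumb1"

# Print how many files are left in the thumbnail folder (0 if it is not a folder).
count_thumbs() {
    root=$1
    if [ -d "$root/$THUMB_DIR" ]; then
        find "$root/$THUMB_DIR" -type f | wc -l | tr -d ' '
    else
        echo 0
    fi
}

# Delete the folder and leave an empty regular file with the same name, so the
# folder cannot simply be recreated at that path.
neutralise_thumbs() {
    root=$1
    target="$root/$THUMB_DIR"
    # A symlink at this path is unexpected; stop rather than guess what it points to.
    if [ -L "$target" ]; then
        echo "refusing: $target is a symlink" >&2
        return 2
    fi
    if [ -d "$target" ]; then
        rm -rf -- "$target" || return 1
    fi
    # Create (or truncate) the placeholder file.
    : > "$target" || return 1
    # Verify: a regular, zero-length file now occupies the name.
    [ -f "$target" ] && [ ! -s "$target" ]
}

# Run as: sh thumbs.sh /path/to/mounted/storage
if [ "$#" -eq 1 ]; then
    echo "thumbnail files found: $(count_thumbs "$1")"
    neutralise_thumbs "$1" && echo "placeholder file in place"
fi
```

Run it against every volume the phone exposes, since commenters report the folder on the SD card of other Sense phones as well as on the Incredible's emmc storage.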

103 Comments
  • jerbear

    Same on my Evo. Not a biggie to me. I wouldn’t sell or return a phone without factory resetting the phone and formatting the SD anyway. Common sense.

  • http://www.iwantmyonepointsix.com mjschmidt

    Lots of people are saying that it’s not just bookmarked sites showing up, so to all the naysayers, either these people are all lying, or don’t understand what they are doing. It is possible they are right, and being honest, and there is something happening on their phones that isn’t happening on _all_ phones.

    I have seen a user comment elsewhere that he thinks this happens when you type a URL directly into the address bar of the browser (non-bookmarked site) which may mean it’s also taking snapshots from your history?

    This is what needs to be tested before we accuse BGR, Engadget, Gizmodo, etc of being stupid.

  • basilisk

    Checked on my EVO – it has screenshots of plenty of sites and pages that aren’t in my bookmarks. It is probably taking the snapshots for the “Windows” page in the browser, which has images of the websites you have open.

    You can delete the files easily using a file manager like ASTRO.

  • http://www.mobilesmods.com Djk314

    Can be fixed by deleting the folder .bookmark_thumb1 and create an empty txt file .bookmark_thumb1 , no more thumbnails…

    http://www.mobilesmods.com/2010/06/17/pour-les-paranos-du-sense-thumb/ (French news)

    • E.

      Any one try this yet?

    • asdf

      uh, how? this link is in french.

  • Psychedelic Squid

    To anyone saying that it’s not bad that it’s stored on the SD card (for most HTC phones with Sense)/user-writable internal memory (for the Incredible), I’d like to point out that that’s worse than it being in internal memory.

    With Android apps, each can store its data in onboard memory (as opposed to the Incredible’s internal storage), and, with the exception of when the app explicitly shares the data, no other app can see this data. This is where HTC _should_ have put the screenshots.

    On the other hand, any app which wants to access the SD card needs permission – however, this is a sweeping permission, either it can or it can’t, there is no “it can only access X”. So, in theory, any secretly malicious app that has SD card permission can see these screenshot files, and even upload them to god knows where if it also has Internet permission (and that SD/Internet permission combo is not exactly unlikely – Facebook has it, for instance, or Pixelpipe, or likely many others). In other words, HTC _is_ creating a security risk by putting them there.

    tl;dr: HTC could have handled this much better, and it _is_ a genuine security concern.

    • Psychedelic Squid

      Just a clarification, anywhere I said “SD card”, substitute “Internal storage” if the phone in question is the Incredible.

  • Fishyweb

    Just confirming that the SD card in my Desire contains screenshots of websites that I definitely do not have bookmarks for.

  • Howard Greenstein

    I will confirm that even after a hard reset on my phone (hold power and down volume key, choose hard reset – not the HTC interface factory reset) there was still a Bookmark_thumb1 file on my phone – but I could not access it by using the terminal and the SDK – the file was unreadable.
    So, I don’t know what was in it. I’ve replaced it so I can send my phone back (it was having that Android low memory issue covered elsewhere).

  • Rev. Spaminator

    I would be less worried about the snap shots than what is happening to them. (Any apps/daemons trying to phone-home and upload the images?) If there is a way to stop the activity then I would most definitely. (Some methods have been suggested but I can’t verify.)

    I don’t experience this myself because I have a G1 running CM 5.0.8test4. Trust me, I checked and double checked after I heard about this. (And yes, I know I don’t have Sense UI)

    Any word from HTC about the purpose of these snapshots?

    • Psychedelic Squid

      From my testing, the solution of replacing the folder with an empty text file of the same name works perfectly.

      Not that that’s relevant for you, of course, but hopefully it’ll help anyone looking for a confirmed solution.

      • asdf

        i dont know how to do this, i dont even know how to view the file after a factory reset.

      • Mr

        i deleted the file but now cannot create a txt file with the exact name. will this be a prob?

  • NetGuy

    Perhaps it is acting like a web proxy? It’s nice to know about it and how to take care of it if you are so inclined…

  • iserlohn

    It’s located in the /emmc partition which is internal to the phone but it is not the /data partition which is “internal storage”

    /emmc is more akin to how the SD card is used on other Android phones (to store media) so it is the natural place to put the browser thumbnail cache.

    I really don’t see what the big fuss is about. You can mount the drive and delete the directory. That’s all there is to it! HTC even has a command to reformat that partition if you want to “factory reset”.

    This really is much ado about nothing. All HTC needs to do is relabel the “factory reset” to “format data partition”. Shoddy journalism at its best.

  • Eric

    bookmark =saved url, not snapshot. Until we have a Google free version of Android, you can only assume privacy. Google does make $ selling information collected from us.

  • kenny

    go to setting, search, google search settings, manage search history, click on all history, select all then delete, this not only delete history but put the widget on pause until u remove it and will no longer store u info.

  • mediaguy

    anyone here in the media biz

    Anyone having any luck using droid for advertising, meaning, the flash media players lso to plant flash cookies?

    I can tell you that the media advertisers are concerned about using flash media lso on computers for advertising, ie use of flash cookies set into a flash media and respawning if deleted due to the bad press.

    i see adobe 10.1 allows the private browsing which will clear out the advertising/flash cookies. That’s great - that will kill the media tracking biz!!! anyone have any answers what’s best now?

    i guess most people won’t know how to set their browser to private so we can work that angle, but anything better? anyone to block adobe 10.1 priv browser from erasing all the data we obtain using flash cookies?

  • joh smith

    Well just plugged my htc aria “liberty” and scanned the SD card and also found this file with screen grabs. Deleted the .jpeg files. I just thought it was a app that I downloaded that was doing this, but not good to hear that this is something built into this phone

  • Weaselspleen

    Ok so wait, let me get this straight…
    The fact that a factory reset of a phone does NOT wipe out the contents of my SD card is a bad thing?
    I’m sorry, but in what universe would it ever be a GOOD thing for a phone to delete the contents of any removable storage device?

    Seriously, someone needs to get a grip, that would just be psychotic.

  • Leena

    I agree with Weaselspleen above. The phone factory reset isn’t supposed to erase the contents of my SD card, and I would probably cry if it did. I currently have a Droid Eris and discovered the same problem when I was browsing through it using ASTRO. It’s pretty bad that this is happening, but if the text file works, then problem temporarily solved. Hopefully it’s only something happening with HTC Sense UI, and not all android phones.
