WhiteHat Aviator Phoning Home?
A concerned email and the response from WhiteHat and why Aviator phones home
Recently I was contacted by someone who wishes to remain anonymous (which is fair enough!) about my review of WhiteHat Aviator.
In the email I was asked to look at how WhiteHat Aviator phones home. The person who contacted me was concerned that they had noticed network activity coming roughly every five hours from Aviator to some WhiteHat servers.
My gut reaction was this was likely just the service phoning home to look for updates, but not knowing the best practice for doing this on a Mac I decided to email WhiteHat and ask about why Aviator phones home, I had mentioned this was in response to an email I had received from a concerned user.
I wanted to share parts of their response because I think it clears up any issues;
Here's how it works - every 5 hours the browser calls back to our server with a non-unique query so we can't correlate/track our users. We spent a lot of time working on this to try to limit our ability to track users, because browsers like Chrome phone home with the machine-ID and user-ID of the system for every update and that wasn't something we were willing to do.
If the file that is downloaded says there is an update the browser will automatically fetch and barring any signing issues or corruption in the file it will install it for use the next time the user downloads the browser. Other browsers have paved the way in this regard, and find that it is significantly safer to always keep the user updated, since the majority of features we launch are security related anyway.
The purpose of our browser was to be used by the common person, not by the security pro or privacy nut. They have the technical chops to use Tor (in a safe manner, which isn't actually very easy to do) or modify their own browser. The average person doesn't have that ability, so this browser is intended to give them the right training wheels to make sure
they don't have issues. We always allow our users to disable plugins, but if they remove them the browser will just re-download them so that doesn't make much sense. Each plugin has been chosen specifically to achieve better usability and higher security. For example, we had to ship with UA spoofer, because too many sites are poorly programmed and don't know that other browsers exist and don't have a graceful failure mode. PDF.js was essential, because it's much safer, from what we can tell thus far, than Adobe's PDF viewer - time will tell if that was an incorrect assumption but other browsers are betting on the same thing, so I think it's a safe bet. Disconnect is the plugin that supports ad-blocking and blocking of tracking pixels which speeds up the user experience and speeds up increases security in the process. Those are the only plugins we ship with - if the user has others, that didn't come from us.
The end result here, is that I think this user is conflating privacy with security, and while we are a much more private browser than most, we would never claim to be 100% private, because we have to allow our users to get updates. If 100% privacy assurance is the goal, Tor browser is the one of choice - though, there are many security and privacy pitfalls due to compromised exit nodes, which is why I would never recommend it to the Masses."
If you are a concerned user after hearing or experiencing the phoning home, then I hope this clears it up for you :-)