Skip to comments.Maxthon Browser Sends Sensitive Data to China (!)
Posted on 07/14/2016 9:33:55 PM PDT by Utilizer
Developed by China-based Maxthon International, the browser is available for all major platforms in more than 50 languages. In 2013, after the NSA surveillance scandal broke, the company boasted about its focus on privacy and security, and the use of strong encryption.
Researchers at Fidelis Cybersecurity and Poland-based Exatel recently found that Maxthon regularly sends a file named ueipdata.zip to a server in Beijing, China, via HTTP. Further analysis revealed that ueipdata.zip contains an encrypted file named dat.txt. This file stores information on the operating system, CPU, ad blocker status, homepage URL, websites visited by the user (including online searches), and installed applications and their version number.
While dat.txt is encrypted, experts easily found the key needed to decrypt it, giving them access to the information. Exatel researchers demonstrated how a man-in-the-middle (MitM) attacker could intercept the data as it travels from the client to the Maxthon server in China.
The ueipdata.zip file is created and sent to Maxthon servers as part of the companys User Experience Improvement Program (UEIP). The role of the program is to help the developer understand its users needs and deliver better products and services. The vendor claims the program is voluntary and totally anonymous.
(Excerpt) Read more at securityweek.com ...
NEVER trust the ChiComs!!!
China makes a ton of the processors The processors are hard wired to hack.
They are playing chess; we are playing checkers.
And, it would appear, Chinese Checkers at that!
That said, just yesterday I was looking at buying a new router when I noticed a prior owner complaining that his router had been sending a lot of encrypted data to somewhere in Asia.
I use Opera, or occasionally Firefox. Both browsers display a pop-up window when they crash (Opera rarely, Firefox repeatedly) and notify you that an error has occurred then ask if you wish to send info about it back to the designers.
Rarely do I click on “Yes”.
The browser noted above appears to be sending info on a continual basis and unrelated to crashes. Thus the concern.
I use to use the Maxthon browser about a dozen years ago as they had tabbed browsing when IE and Firefox did not.
Now I use Firefox. I wonder who they are sending the data to?
Chinese hackers. No matter who, though, no one should be sending any info from your machine(s) unless it is you doing the selecting and sending.
I have been using Maxthon for years, even back when it had another name. I think it was created by some Chinese IT people back in the day as a competitor to Netscape. (Anyone remember Netscape?)
It developed a lot of very functional and even revolutionary user friendly features that other browsers later added to their platforms.
I’ll take this info to the user group and see what’s what.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.