Siseneg
07-17-2016, 02:55 PM
Maxthon browser claims not to share user information with the NSA, but was caught sending .zip files with the users personal information back to its base in China without the users prior knowledge or permission.
The Maxthon Privacy Policy states:
"Maxthon's desktop PC browser has the ability to gather certain information concerning your computer system but it will only send this information to Maxthon if you chose to send it."
http://www.maxthon.com/privacy/
However, that does not appear to be the case:
Maxthon Browser Caught Sending Sensitive Personal Data to China
"Researchers at Fidelis Cybersecurity and Poland-based Exatel have lately discovered that the web browser Maxthon has been sending detailed information of its users, such as their browsing history and other installed applications to a browser in Beijing and is prone to man-in-the-middle (MitM) attacks.
The browser regularly sends a small encrypted ZIP file containing the user’s entire browsing history, including Google searches, queries and a complete list of software installed on the user’s computer, all without the prior authorization of the user, according to a recent report released by the firms. Information about the system includes the CPU, memory, the adblocker status and the startpage.
Using this information, if attackers obtained the user’s email they could send a message, authenticated by its content, containing an attachment armed with a remote code execution exploit that could compromise the user’s device, the report said."
http://www.techworm.net/20*6/07/maxthon-browser-caught-sending-sensitive-personal-data-china.html
The issue has been brought forward on the Maxthon users forum and independently verified by at least one user.
The Maxthon Privacy Policy states:
"Maxthon's desktop PC browser has the ability to gather certain information concerning your computer system but it will only send this information to Maxthon if you chose to send it."
http://www.maxthon.com/privacy/
However, that does not appear to be the case:
Maxthon Browser Caught Sending Sensitive Personal Data to China
"Researchers at Fidelis Cybersecurity and Poland-based Exatel have lately discovered that the web browser Maxthon has been sending detailed information of its users, such as their browsing history and other installed applications to a browser in Beijing and is prone to man-in-the-middle (MitM) attacks.
The browser regularly sends a small encrypted ZIP file containing the user’s entire browsing history, including Google searches, queries and a complete list of software installed on the user’s computer, all without the prior authorization of the user, according to a recent report released by the firms. Information about the system includes the CPU, memory, the adblocker status and the startpage.
Using this information, if attackers obtained the user’s email they could send a message, authenticated by its content, containing an attachment armed with a remote code execution exploit that could compromise the user’s device, the report said."
http://www.techworm.net/20*6/07/maxthon-browser-caught-sending-sensitive-personal-data-china.html
The issue has been brought forward on the Maxthon users forum and independently verified by at least one user.