Maxthon browser caught sending personal data to Chinese server without user’s consent

vbimport

#1

We’ve just posted the following news: Maxthon browser caught sending personal data to Chinese server without user’s consent[newsimage]http://www.myce.com/wp-content/images_posts/2016/07/2000px-Maxthonlogo.svg_-95x75.png[/newsimage]

Web browser Maxthon has been caught sending detailed information from it users, such as their browsing history and other installed applications to the China based company that develops the software.

            Read the full article here: [http://www.myce.com/news/maxthon-browser-caught-sending-personal-data-chinese-server-without-users-consent-79941/](http://www.myce.com/news/maxthon-browser-caught-sending-personal-data-chinese-server-without-users-consent-79941/)

            Please note that the reactions from the complete site will be synched below.

#2

Here’s hoping people stop using it :flower:
Now how is that we do not get reports on Google Chrome… Now that’s a spy as well, harvesting any and everything you do and ship it back to Google. To better your user experience they say :Z

There are a multitude of programs out there phoning home with various information and it is not getting better any day soon and I always contact customer support with one question before purchasing… Can it be used without internet access after an initial activation? If i get a negative answer, I won’t buy. If I get a positive answer, I buy, register and block the program from accessing the net.

A little harder to do that with a web browser and so spend a little time reading forum posts and security reviews before installing to avoid having your right to privacy breached :flower:


#3

@Xercus – you can control what you send to Google, when using Chrome. It doesn’t send your search history, or download history, or advertising prefs, or anything of the sort. It doesn’t even have an advertising ID anymore. You can opt out of Telemetrics, SafeBrowsing, spell check, and anything that sends snippets of info to Google. The “Chrome = spyware” myth is just that – a myth.

Firefox sends the same kind of info to Mozilla – or Google itself, if you use FF’s default start page.


#4

Since I don’t keep a single cookie, never had a google account ever in my life, I do not have your options.

A little like on this forum where I always see:
We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. More info
… No way around that either apart from accepting cookies to which I oppose.


#5

What about this? http://www.maxthon.com/ueip


#6

[QUOTE=SIGN;2778016]What about this? http://www.maxthon.com/ueip[/QUOTE]

Hello SIGN and welcome to the forum :flower:

The article mentions this:

The browser has an opt-in setting for users to send specific information as part of Maxthon’s ‘User Experience Program’ but whether the user has this disabled or not, the ZIP file is send to Maxthon.


#7

Oh.That bad news for me,I use maxthon 4 years ago…I’m feel disappointed. T T


#8

It would depend on what you value and it is bad only from the ‘opt-in’ not being true:

The ZIP file contains all kinds of data about the system of the user and the internet history. Information about the system includes the CPU, memory, the adblocker status and the startpage. Also the URL of all visited websites, Google searches and a list of installed application on the system including their version number is sent to the Chinese company.
“all kinds of data about the system of the user” would indicate that no strictly personal contents to identify the user is collected. So in other words, if you do not mind that they collect the data as long as they don’t identify you with that data, you can continue using it. From now on knowing that this is data they collect :flower:


#9

And this answer of CEO
http://forum.maxthon.com/index.php?/topic/20208-security-and-privacy-are-top-priorities-at-maxthon


#10

^ The explanation from the company does not change the fact. Among other things like password-keeper, the above URL covers another aspect which is built into several browsers where the cloud service would route you to a warning page where you have to make a choice if you are about to enter for example a known phishing site which is different from posting the ZIP file to the company.

The ZIP as far as I can tell fall in the category “information to help develop Maxthon” which the developers think is so important that they have chosen to collect it regardless.

  1. Installed programs and version - Would serve as a foundation as to what programs should be installed and tested with Maxthon if enough users use it.
  2. CPU/Memory - Same as above
  3. URL’s would give a good base of common URLs to test before release.
    … as long as the user is not identified along with that data.

Like I say, the only thing bad here as far as I can tell is that they don’t say that they collect the data regardless… which is dubious. If they identified the user at the same time it would be a whole other story privacy-wise, but that is not so according to the article :slight_smile:


#11

Okay.It’s time to go back the Firefox goodbye Maxthon. T^T


#12

[QUOTE=SIGN;2778030]Okay.It’s time to go back the Firefox goodbye Maxthon. T^T[/QUOTE]

If privacy is very important for you, you could also test-drive the TOR browser which is a security strengthened Firefox and surf the net through the TOR network (it works through a VPN as well for additional security). You can read more about the project on their website. TOR is an abbreviation for the full name “The Onion Router” and so the onion logo is fitting :wink:


#13

Which VPN?

Don’t trust a chinese browser developer, but trust a random entity on the internet that runs a random “free” vpn server?

Does not compute …

At least paid VPN providers have a clear incentive to protect your privacy … their reputation and income depends on it.

Might as well install “HOLA” …


#14

It does compute combined, face it :wink:


#15

Always unfortunate when a web browser refuses to respect the users’ privacy. What Maxthon Ltd is doing ought to be illegal. A word of advice: if you can’t access a given browser’s source code, you simply can’t trust the browser.[QUOTE=Xercus;2777948]…No way around that either apart from accepting cookies to which I oppose.[/QUOTE]Your refusal to accept cookies is good. Unless I’m mistaken, Google’s opt-out only promises to stop showing personalized ads. It does not promise to cease the surveillance that is used to “personalize” said ads. In other words, Google is still spying on you. Cookie-based opt-outs be damned, the only way to stop Google from spying on you is to not allow your computer to connect to Google’s servers at all (except though anonymization services, such as a VPN or TOR).[QUOTE=Xercus;2778032]If privacy is very important for you, you could also test-drive the TOR browser which is a security strengthened Firefox and surf the net through the TOR network (it works through a VPN as well for additional security). You can read more about the project on their website. TOR is an abbreviation for the full name “The Onion Router” and so the onion logo is fitting ;)[/QUOTE]I am hesitant to describe what the TOR network uses as a “VPN”. The word “VPN” generally implies that all of your traffic is routed, which isn’t true when using TOR: only when apps are set to use a Socks 5 proxy, with the IP address of 127.0.0.1, and port 9050, is the network traffic routed. So, if you have the TOR Browser Bundle running, and you have some other browser running at the same time, the other browser will not be anonymized automatically. That’s why TOR users frequently use the TOR Browser Bundle, instead of any old browser: the TOR Browser Bundle is pre-configured out-of-the-box to use TOR, so not manual configurations are required. The TOR Brower Bundle is also hardened to prevent various data leaks (such as DNS leaks) and block HTML 5 fingerprinting, so even if you do set Firefox (or whatever browser you use) to use TOR, it’s still not as anonymous as the TOR Browser Bundle. (Also, browser addons come with the risk of leaking one’s real IP address, so the TOR Browser Bundle disables them.)

That said, the TOR documentation uses terms like “network” and “node”. That’s what TOR is: a network of relay nodes. Although TOR can accomplish the same end as a VPN (anonymizing traffic and/or circumventing geoblocks), it is simply not a VPN.

PS: Please don’t try to use TOR for use peer-to-peer filesharing. Not only does TOR [B]not[/B] do well with P2P, but attempts to use P2P over TOR may slow down the entire network for everyone.


#16

It is interesting as a general question as well, the fact that web servers keeps storage space on my computer as a requirement even if only for a cookie. I mean, is that at all acceptable?
What is taking place is in reality an invasion of my storage by third parties and their contents and seemingly, I have to accept that they use my storage permanently simply because they tell me ‘We use cookies’ ?

The P2P challenge is well documented on the TOR site, but probably should be mentioned as often as possible for newcomers.
I do use the TorBundle. Actually through a VPNed or even double-VPNed connection, hence the ‘it computes combined, face it ;)’ comment. In other words, I was speaking of surfing using the TorBundle through a VPN. (I’m testing NordVPN, more on that in the thread)