AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Maxthon browser 3.04/6/2023 The conclusion? Opting out of the program has no effect.Įven though the data is encrypted, there’s a glaring issue. The results of unchecking that option? The ueipdata.zip still transferred itself to the Chinese server and still contained the dat.txt file. Naturally, Exatel decided to test this by unchecking the option to participate in the UEIP program during installation. Error and crash data reported during browser functioningĪccording to the developers at Maxthon, this program can be easily opted out of.Hardware on which the browser is installed.This is part of a voluntary program (as claimed by the creators of Maxthon) that is purported to improve the browser experience by anonymously sharing information about: The abbreviation UEIP (from ueipdata.zip) stands for User Experience Improvement Program. However, after further investigation, they discovered the packet was emanating from the Maxthon Browser, installed on three Exatel employees’ computers, and heading straight for a server in China. That phrase?Įxatel initially thought this could have been a joke (since it was around April First). As they monitored the transmission of data, they discovered a phrase which repeated several times during the packet transfer. It’s very interesting to know the reason why Exatel thought to look twice at a packet that was setting off their Deep Packet Inspection (DPI) alarms. Although it may add a level of comfort to know that the data sent out of your device is encrypted (via a symmetric Rijndael ((AES)) algorithm using a constant 16-byte key of “eu2o4[r04cml4eir”), it may (or may not) surprise you to know the experts that discovered the issue easily found the decryption key. That’s a rather daunting list of information to be sending to a third party server. Installed applications (and their version number).The ueipdata.zip contains a file called dat.txt which stores information about the following: What exactly has been discovered that could be so damaging to this underdog browser? Fidelis Cybersecurity reported that Poland-based Exatel uncovered the Maxthon browser regularly sends a file, via HTTP, named ueipdata.zip, to a server in Beijing, China. That’s why, when I read the details regarding the troubles now plaguing the Maxthon browser, I immediately wanted to warn people that it would be in their best interest to stop using the application. However, it cannot be said enough that we are living in an age when protecting our data has become a top priority for most (and should be for all). This could very well be a case of overreacting and far-reaching paranoia. You may have installed the Maxthon browser on your mobile devices. Maxthon browser is a wolf in sheep’s clothing
0 Comments
Read More
Leave a Reply. |