
Maxthon browser vulnerable to Chinese cyberespionage and MitM attacks - JohnTHaller
http://www.scmagazine.com/maxthon-browser-sends-personal-data-to-china-and-vulnerable-to-mitm-attacks/article/509634/
======
JohnTHaller
This was submitted earlier before any reports in English were available here:
[https://news.ycombinator.com/item?id=12094930](https://news.ycombinator.com/item?id=12094930)

From ksdev's earlier comment:

TL;DR: It doesn't matter if you agree to join "User Experience Improvement
Program" in Maxthon or not - the browser regularly sends this data to Beijing
servers:

    
    
      - Windows service pack version,
      - screen resolution,
      - Maxthon version,
      - CPU freq,
      - Maxthon path,
      - adblock info,
      - startup site address,
    

and the most important:

    
    
      - ADDRESS OF EVERY VISITED SITE - full history, with every query entered in google,
      - every ~5 reports - FULL LIST OF INSTALLED SOFTWARE (with exact versions).
    

English report:
[https://exatel.pl/advisory/maxthonreporten.pdf](https://exatel.pl/advisory/maxthonreporten.pdf)

