However, you might only need a few extensions with active ad-blockers and tracker blockers. For users unfamiliar with the latter, Tor is an anonymous browser that masks your identity as you use the internet.Īs a Chromium-based browser, Brave is compatible with many Chrome extensions.
However, it’s customizable according to your needs because some websites require pop-ups to function.Īdditionally, some of Brave’s features are only available as extensions on other browsers, like the built-in crypto wallet and Tor browser. This feature keeps your browsing habits and preferences private.
#Maxthon browser images plus
It uses less RAM than Chrome, which is a huge plus if you prefer multitasking.īy default, the Brave browser blocks trackers, ads, and cookies. Brave scores excellent marks in running JavaScript and overall responsiveness.Įven with higher loads, Brave doesn’t slow down or show latency. It’s not as fast as Chrome, Edge, or Opera, but it outperforms competitors like Firefox and Vivaldi. While Brave is known to keep users private and anonymous, it’s a fast browser too. After that, the small picture will stay on the screen as you switch tabs. When you watch a video, you can shrink it into a smaller window. Experts at the University of Toronto’s Citizen Lab have identified security and privacy issues in several popular Chinese browsers, including QQ Browser, UC Browser and Baidu Browser.The Picture in picture mode allows users to multitask efficiently. This is not the first time researchers have raised concerns about web browsers developed by Chinese companies. SecurityWeek has reached out to Maxthon for comment. Experts have tested the latest version of the web browser and determined that it still transmits the data even if UEIP is disabled. However, according to researchers, sensitive data is sent to China regardless of how UEIP is configured.Įxatel said it contacted Maxthon about its findings, but it hasn’t heard back from the vendor. The vendor’s representatives said they only collect “basic data” when the feature is disabled – as opposed to “sensitive data” harvested when UEIP is enabled. Some Maxthon customers who noticed that the ueipdata.zip file is created even when they opt out of the UEIP asked the company for clarifications. Knowing the exact operating system and installed applications, and browsing habits it would be trivial to send a perfectly crafted spearphish to the victim or perhaps set up a watering hole attack on one of their most frequented websites,” explained Fidelis Cybersecurity CSO Justin Harvey. “Essentially, the information that is being transmitted back contains almost everything you would want in conducting a reconnaissance operation to know exactly where to attack. They are concerned that the information on browsing habits and the installed applications could be highly valuable for a malicious actor looking to conduct a targeted attack. However, as experts discovered, the data is being collected even if users opt out of the UEIP. The vendor claims the program is voluntary and “totally anonymous.”
The role of the program is to help the developer understand its users’ needs and deliver better products and services. The ueipdata.zip file is created and sent to Maxthon servers as part of the company’s User Experience Improvement Program (UEIP). Exatel researchers demonstrated how a man-in-the-middle (MitM) attacker could intercept the data as it travels from the client to the Maxthon server in China. While dat.txt is encrypted, experts easily found the key needed to decrypt it, giving them access to the information. This file stores information on the operating system, CPU, ad blocker status, homepage URL, websites visited by the user (including online searches), and installed applications and their version number. Further analysis revealed that ueipdata.zip contains an encrypted file named dat.txt. Researchers at Fidelis Cybersecurity and Poland-based Exatel recently found that Maxthon regularly sends a file named ueipdata.zip to a server in Beijing, China, via HTTP. In 2013, after the NSA surveillance scandal broke, the company boasted about its focus on privacy and security, and the use of strong encryption. Researchers warn that the harvested data could be highly valuable for malicious actors.ĭeveloped by China-based Maxthon International, the browser is available for all major platforms in more than 50 languages. Security experts have discovered that the Maxthon web browser collects sensitive information and sends it to a server in China.