This week Exatel published a report saying that Maxthon collects sensitive user information and sends the URLs to the Maxthon server. We take the allegations from the Exatel report very seriously and have fully investigated this matter.
User Experience Improvement Program (UEIP)
Maxthon implements a User Experience Improvement Program (UEIP), a standard industry practice to improve the user experience. Users are supposed to have full control when it comes to opting in or out of the UEIP. If a user opts out, the UEIP is not supposed to collect information. However, upon investigating the situation based on the Exatel report, we located a bug in our 2007 code library. We have immediately fixed this bug. We thank the Exatel team for helping us identify the problem.
We’d like to note that the user information the UEIP program collects follows industry standard practice, and we share this practice with our users in the Maxthon UEIP policy. As pointed out in the Exatel report, the software information Maxthon collects is designed to improve the user experience by better configuring the software our users run in the system. Thanks to the UEIP program, we are able to analyze and solve configuration issues across all kinds of software. We will update our UEIP policy and provide even more transparency to our users.
Sending URLs to the Maxthon server
Exatel also reported that Maxthon sends URLs back to its server. Just as all URL security checks work, Maxthon’s cloud security scanner module (cloud secure) checks the safety of the websites our users visit. By implementing this URL security check, Maxthon sends URLs to its server to check if the website is safe or not. As a result of these security checks, we have prevented our users from visiting millions of fake and malicious websites since 2005. In our latest version, we will add an option for users to turn off the scanner.
Our Promise to Users
We at Maxthon take users’ privacy and information security seriously. We keep our users’ information secure and private. Maxthon has been in business for over 10 years and there has NEVER been a privacy leak to any third party. We are a truly international company with servers located in the U.S., EU, and Asia. We take endless efforts to improve our product to protect users’ security and privacy.
We are about to release our next-generation browser, the MX5, with enhanced features to protect user’s data and privacy.
- MX5 requires registration so that MX5 users are protected by a secure username and password.
- MX5’s Passkeeper feature provides triple encryption and multi-channel security using the AES25 algorithm. This algorithm strengthens the local database encryption and provides safer transmission to the cloud via https.
- MX5’s UUmail is a virtual email box that helps protect users real email addresses and get rid of spam emails.Please check www.maxthon.com for the latest information.
Jeff Chen (CEO of Maxthon)
11:00pm EST, July 14, 2016