![]() They ran this on the browser that had opted out of the UEIP program and, to no one’s surprise, the transmission to the server contained: With that information, they created their own DLL library which imitated the original M圎ncode library and were able to decrypt the data. It was very easy to figure out the Maxthon browser makes use of the M圎ncode library and the encryption key was actually embedded in the Maxthon code. Exatel discovered just how easy it is to run a Man-In-The-Middle attack to on the Maxthon encryption library. The conclusion? Opting out of the program has no effect.Įven though the data is encrypted, there’s a glaring issue. ![]() The results of unchecking that option? The ueipdata.zip still transferred itself to the Chinese server and still contained the dat.txt file. Naturally, Exatel decided to test this by unchecking the option to participate in the UEIP program during installation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |