taobao.com ad


Ldfa

Recommended Posts

Still, i dont like that thinks are updated behind my back. Just like that Google CSE.

This isnt safe browser if they have a full remote access.

Ummm what? People are happy for the browser to shuffle their favourites and history across the cloud, but draw the line at an ad on QA which was updated the same way QA has been for ages... All of a sudden it's a security issue that all and sundry can abuse... yup that sounds right?!

Fact is no one apart from the dev's knows what goes on in their programs - this goes for all software in general. You use it at your own risk. That said all major software isn't going to be doing anything nefarious if they want to keep a customer base. This is nothing more than a forced ad that can't be blocked. As ody has said, it's a trust issue, nothing more.

Just to reiterate, i don't agree with what was done, but to start with FUD about security related issues is really drawing a very, very long bow.

I think the biggest issue is that they pushed a chinese ad out to an international audience. If it when to only China, or even if it was localised, while still annoying at least people wouldn't freak out like they do when seeing something they don't understand.

Link to comment
Share on other sites

  • Replies 99
  • Created
  • Last Reply

I agree, this makes Maxthon look insecure and makes a mockery of the addition of Adblock Plus.  It can be disabled by putting this line in your hosts file:

127.0.0.1 http://s.click.taobao.com

There should be a tab after the 127.0.0.1

It can be added to the Internet Options/Privacy too and then the icon does not take you anywhere if clicked. In a previous answer there is a link to:

https://drive.google.com/open?id=0B0pZQNXm5TQ6T3hqckd3TzcwMGM

which goes in here:

c:\Users\****\AppData\Roaming\Maxthon3\Public\QuickAccess\Frame\qa.dat

that does seem to remove the icon permanently but I can`t vouch that it doesn`t do anything else malicious.

Terrible decision to put this in. Lets hope that sufficient people are annoyed by this that it affects their trade. Nobody likes unwanted advertising. 

 

I've found another way to disable the offending icon - in short, delete the icon.

How?  Follow the path quoted above for the installed version:

c:\Users\****\AppData\Roaming\Maxthon3\Public\QuickAccess\Frame\qa.dat

or for the portable version:  *\Maxthoon\UserData\Public\QuickAccess\Frame\qa.dat

Duplicate (backup qa.dat.  I did this in place, but you don't have to.  You will have to give it a different name if you do as I did.

Launch MxPacker.  You can download it here:  http://forum.maxthon.com/index.php?/topic/15294-sdk-maxthon-extension-development-guide-package-tool-20150521/&do=findComment&comment=83516.  This works for *.mxskin, *.mxaddon, and *.dat files.

Drag and drop qa.dat on the top field in MxPacker.  The second field will fill automatically with the extracted folder name "qa".  Again I did this in place.

MxPacker_unpackaging_qa_dat.thumb.png.5c

Open the folder qa.  You will see three folders and some files.  You are interested in the img folder.

Open the img folder.  

Find the ad's icon.

Delete it.

Repackage the qa folder by draging it and dropping it into the top field.  This time the second field also fills with a filename path, but the filename is qa.mxaddon.  Change that to qa.dat.

MxPacker_packaging_qa.thumb.png.72474713

Overwrite the existing qa.dat (you made the backup, right?)  If you don't like overwriting, wait, save the file with the mxaddon extension, and rename after.

Getting rid of the icon leaves the code in place but nothing to display.

So far the ad is gone through multiple re-launchings of Mx 4.4.8.600.

<<SL>>

 

Link to comment
Share on other sites

For those that are not happy about this, you should also know that posts that have been critical about Maxthon have been deleted. People that have used this browser for years are now being gagged by the site admin in typical Chinese manner.

 

Because I now realize they are deleting posts that disagree with the behavior I am now screenshotting them so I can post about this all over the net. I will make sure I include keywords so Google will reflect the fact critical posts are being delted.

My advice to anyone would be to change your browser as soon as possible, as I and many others have done.

as far as i know no posts have been deleted - if you can show screenshots then please do post them here - threads have been merged to keep things tidy - the site admin chinese or not are gagging no one - in fact one of the problems we have is that the chinese admins are not here as its weekend - you are stuck with people from france - the US australia and the UK who are doing their best with this issue - 

Tony     -  Vivaldi 4 on Windows 10 64Bit
Link to comment
Share on other sites

Even you blocked it in hosts files still come back. I did it, no use. it comes back.

I was really frustrated with Maxthon. First time they do that. I used it till it was MyIE and hardly posted here.

Never needed any help with Maxthon things went smoothly so far. And now we have this.

It's annoying at least. But for me is more than annoying.

A) it is a security issue. Injected code on my QA page.

What next? Inject code to redirect me to another site or even inject a trojan?

I am just make a point here, I am sure they don't, but one never knows,if they can inject code to my QA so easy.

B) I don't like ads of any kind. I managed to block it threw old good proxomitron.

But still it remains an issue for all of us,if the inject unwanted untrusted code so easy to our QA

A solution for this is to stop Using QA and use alliases..

C) Someone wrote above that is a free software and they have to make money somehow. 

I agree with that, but I do not agree to makeke money by injected unwanted-risky code on my QA.

Firefox is free too, but never did that. And they have to make money somehow.

D) Personally I never asked or wanted sync and cloud futures. I don't use them.

All I want is a reliable fast browser I can trust. And Maxthon by doing this,

is no more a browser someone can trust. We have major security problem here.

Link to comment
Share on other sites


The member mikebmth shows as having made two posts. His second post was critical of Maxthon and  It's now gone. I work for an internet security publication. I find this very interesting.

 

Can you also explain why a Maxthon passport cannot be deleted?

you seem to have deleted this post and also the one from mikebmth as you would seem to be one and the same person - its not against any rule to have more than one account but i cannot see your point

 

Tony     -  Vivaldi 4 on Windows 10 64Bit
Link to comment
Share on other sites

I am adding my name to the chorus of disapproval. I do not want random adds added to my QA screen in Maxthon. It smacks of intrusion and manipulation by Maxthon inc. I thought at first that I had been hacked as I could not believe that Maxthon would do something like this intentionally.

If the price for using Maxthon, which I have since IE2 and much as I love it, is this sort of commercialization then I will be off to Firefox et al.

Link to comment
Share on other sites

I've found another way to disable the offending icon - in short, delete the icon.

How?  Follow the path quoted above for the installed version:

c:\Users\****\AppData\Roaming\Maxthon3\Public\QuickAccess\Frame\qa.dat

or for the portable version:  *\Maxthoon\UserData\Public\QuickAccess\Frame\qa.dat

Duplicate (backup qa.dat.  I did this in place, but you don't have to.  You will have to give it a different name if you do as I did.

Launch MxPacker.  You can download it here:  http://forum.maxthon.com/index.php?/topic/15294-sdk-maxthon-extension-development-guide-package-tool-20150521/&do=findComment&comment=83516.  This works for *.mxskin, *.mxaddon, and *.dat files.

Drag and drop qa.dat on the top field in MxPacker.  The second field will fill automatically with the extracted folder name "qa".  Again I did this in place.

MxPacker_unpackaging_qa_dat.thumb.png.5c

Open the folder qa.  You will see three folders and some files.  You are interested in the img folder.

Open the img folder.  

Find the ad's icon.

Delete it.

Repackage the qa folder by draging it and dropping it into the top field.  This time the second field also fills with a filename path, but the filename is qa.mxaddon.  Change that to qa.dat.

MxPacker_packaging_qa.thumb.png.72474713

Overwrite the existing qa.dat (you made the backup, right?)  If you don't like overwriting, wait, save the file with the mxaddon extension, and rename after.

Getting rid of the icon leaves the code in place but nothing to display.

So far the ad is gone through multiple re-launchings of Mx 4.4.8.600.

<<SL>>

 

The method doesn't work with my copy of Maxthon (4.4.7.3000), since there is no logo in 'qa.dat', but other 'dats' in the QA folder MxPacker cannot open and shows an error.
I've dug for a while, and it seems to me very strange: developer's tool shows me the picture is there, but there isn't anything while I open the folder ('show hidden files' tick is on)

Link to comment
Share on other sites

A) it is a security issue. Injected code on my QA page.

What next? Inject code to redirect me to another site or even inject a trojan?

I am just make a point here, I am sure they don't, but one never knows,if they can inject code to my QA so easy.

C) Someone wrote above that is a free software and they have to make money somehow. 

I agree with that, but I do not agree to makeke money by injected unwanted-risky code on my QA.

Firefox is free too, but never did that. And they have to make money somehow.

D) Personally I never asked or wanted sync and cloud futures. I don't use them.

All I want is a reliable fast browser I can trust. And Maxthon by doing this,

is no more a browser someone can trust. We have major security problem here.

A / Nothing is "injected", the whole QA.dat file is updated last I recall. Same way it has been for quite a while.

C / "Risky code"? it's a link for an ad to the biggest online shopping site in China! Not some underground hacking site or malicious porn sites?!

D / I'm not 100% on this, but I recall reading that Firefox started auto-updating to the most recent version based on ONE ok by the user. So you say OK once to update and then every single version after that will be updated without your knowledge. Not sure if that is still the case or not, but how is that any different?

Clearly no one here is using Windows 10 - because as everyone knows its forced auto-updates is the worst thing ever to grace a PC *where's an eye-rolling smiley when you need one*

-

Also here's some light reading from the Maxthon EULA (which you agree to on install), notably #4 & #9...

2.  RESTRICTIONS.
    You may not:
    (vii) block, disable, or otherwise effect any advertising, advertisement banner window, tabs, links to other sites and services, or other features that constitute an integral part of the Browser;

4.  AUTOMATED UPDATES.
    Maxthon may deliver to your computer or other device upon which the Browser is installed automated updates, modifications, and/or patches to address issues such as security, interoperability, and performance (collectively 'Updates'). Certain Updates may be subject to additional terms and conditions. By using the Browser you consent to such automated updating. Your use of the Updates shall be governed by this Agreement (as modified from time to time) unless you are asked to agree to a new agreement at the time of download or installation.

9.  CHANGES TO THE BROWSER.
    Maxthon may, at any time, change, modify, add to or discontinue or retire any aspect or feature of the Browser. Maxthon has no obligation to provide you with notice of any such changes.

Again, I don't agree with what was done - but people are going making out like they stole their bank account details and cleaned them out. It's beyond ridiculous. 

Link to comment
Share on other sites

D) Personally I never asked or wanted sync and cloud futures. I don't use them.

All I want is a reliable fast browser I can trust. And Maxthon by doing this,

is no more a browser someone can trust. We have major security problem here.

I dont use those either. They dont even work, they just mess up my favorites etc. and i cant delete that cloud data or account.

For me, it seems to be security issue if things can be added directly to my browser behind my back. Youll never know what kind of malware there can be. Even if it suppose to be safe. Its not about ad, it is how they add those stuff.

 

I can even handle that fact that my browser crash all the time (could be over 20 times per day) and i lost my tab history. Thats why i always open links to the new tab so if i lost tab history, that previous page is still there. It happened so often that im use to it now. Still this kind of thing isnt good. Nowadays even ads can be dangerous. 

Link to comment
Share on other sites

Guys, the problem is not whether this ad annoying or not.

Most scary thing is developers can inject anything into browser without user consent.

Last time when I saw this behaviour was earthquake in China (asking for help; I agree that it was huge excuse) but Maxthon demonstrated it's creepy capability quite clear.

Currently I started moving out procedure to Chrome. I'm searching for extensions and roughly 80% of functionality I need already has been covered.

By the way, Chrome runs faster (scrolling is smooth) with Adblock Plus than Maxthon.

Link to comment
Share on other sites

I thought I had a virus when I saw this ad, and was running ever security program to try to get rid of it. I don't want thing appearing on my browser with no warning when I haven't downloaded anything. I don't even speak Chinese, so what's the point? This along with the Google search thing has made me lose trust in Maxthon. It's my browser and my computer. Things shouldn't just be appearing out of nowhere.

Link to comment
Share on other sites

Everybody freaking out about this please calm yourselves...

It's a screw up, yes, but  neither the end of the world or a threat to your well being in the least...

Maxthon is a GREAT browser and has BEEN a great browser for a LONG time now, free of charge to us all.

The whole internet is better because of their fine thinking, as most other browsers swiped Maxthon's ideas left and right over the years, and anybody who has used Maxthon for awhile knows it.

I can't speak for anybody else but for ME... I think it won't kill me to show some loyalty and stick with this a couple of days and just let them fix it, which I am sure they will.

I get updates, auto and on my ok all the time for many programs, so auto updating should not be traumatic to anybody like I have been reading! And yes, I have windows 10 which DOES track and has a lot of things to turn off for privacy and frankly, WHO KNOWS if they are all off or all CAN be turned off.

Anyway, that's my take... don't sweat the small stuff and if you want complete security you had better get off the internet and use a pen and pad of paper. This ADD glitch is not your problem in the big picture.

So THANK YOU Maxthon...

I'm with you 100%

 

Link to comment
Share on other sites

Just the other day I had this pop on to the quick / new tab area and It wont translate or remove. I'm no wiz to computer stuff and can find no way of deleting it. Any ideas..?                                             You will see it in this clippit circled in red, and when you scroll to the next page it seems as though it's stuck to the inside of screen , like everything passes right on by under...or..behind it..

Untitled20151024233750.png

Link to comment
Share on other sites

i got it too and its not a big problem 
 

BUT WTF!!!!!!!!!!!!!!! (WHOLE PART BELOW IS ABOUT THIS FORUM AND NOT ABOUT THAT TAOBAO S#!T)

 

i made post here and did some retard remove it? or wtf?

or did it magically disappear?

now im adding this page to favorites and i get this whenever i wanna view this site again via favorites

 

UPmi8si.png

 

just WTF

or does this site's URL keep changing? how?

 

WTF?????????????????

 

this is just retarded

Link to comment
Share on other sites

i got it too and its not a big problem 
 

BUT WTF!!!!!!!!!!!!!!! (WHOLE PART BELOW IS ABOUT THIS FORUM AND NOT ABOUT THAT TAOBAO S#!T)

 

i made post here and did some retard remove it? or wtf?

or did it magically disappear?

now im adding this page to favorites and i get this whenever i wanna view this site again via favorites

just WTF

or does this site's URL keep changing? how?

 

WTF?????????????????

 

this is just retarded

 

Your post must have been moved or merged with another thread. What was it about?

Edit: You have another post in this thread here http://forum.maxthon.com/index.php?/topic/17734-taobaocom-ad/&do=findComment&comment=92085

Link to comment
Share on other sites

 

Your post must have been moved or merged with another thread. What was it about?

Edit: You have another post in this thread here http://forum.maxthon.com/index.php?/topic/17734-taobaocom-ad/&do=findComment&comment=92085

yep it was i see so no retard even touched it so its ok

 

now problem is that im adding this page to favorites and it keeps viewing me this s#!t from screenshot from above

for now is ok but  in few hours it will happen again and it did happen again in few hours

Link to comment
Share on other sites

yep it was i see so no retard even touched it so its ok

 

now problem is that im adding this page to favorites and it keeps viewing me this s#!t from screenshot from above

for now is ok but  in few hours it will happen again and it did happen again in few hours

not sure what your issue is but you may edit you favorites with this url  http://forum.maxthon.com/

sigmax2.png

Link to comment
Share on other sites

yep it was i see so no retard even touched it so its ok

 

now problem is that im adding this page to favorites and it keeps viewing me this s#!t from screenshot from above

for now is ok but  in few hours it will happen again and it did happen again in few hours

when pointing your finger at retards just remember who the other 3 fingers are pointed at

Tony     -  Vivaldi 4 on Windows 10 64Bit
Link to comment
Share on other sites

 

as far as i know no posts have been deleted - if you can show screenshots then please do post them here - threads have been merged to keep things tidy

A few posts have been deleted here and there — but as far as I can tell, they've been of two types:

  1. posts with incorrect information (In a support forum, you have to delete these.  Otherwise, users will come through, read one inaccurate post, and go off half-cocked, possibly screwing up their browsers.);
  2. deliberate attempts to smear Maxthon (Like the user Tony outed faking censorship with two accounts from the same IP above.)

you seem to have deleted this post and also the one from mikebmth as you would seem to be one and the same person - its not against any rule to have more than one account but i cannot see your point

There are plenty of angry, outraged posts still here, which leads to me to believe those are welcome.  But no, you can't make up stories about how Maxthon stole the Lindbergh baby and expect those to take up valuable space in an otherwise important thread.
 

A) it is a security issue. Injected code on my QA page.

What next? Inject code to redirect me to another site or even inject a trojan?

I am just make a point here, I am sure they don't, but one never knows,if they can inject code to my QA so easy.

B) I don't like ads of any kind. I managed to block it threw old good proxomitron.

But still it remains an issue for all of us,if the inject unwanted untrusted code so easy to our QA

A solution for this is to stop Using QA and use alliases..

C) Someone wrote above that is a free software and they have to make money somehow. 

I agree with that, but I do not agree to makeke money by injected unwanted-risky code on my QA.

Firefox is free too, but never did that. And they have to make money somehow.

D) Personally I never asked or wanted sync and cloud futures. I don't use them.

All I want is a reliable fast browser I can trust. And Maxthon by doing this,

is no more a browser someone can trust. We have major security problem here.

Regarding (A):  As 7twenty pointed out earlier, this isn't what you'd call "injected code."  It's an update to a piece of the software — in this case, a piece that reaches out to the internet when you click it.  Pretty much every modern piece of software does that.  Have a program that notifies you an update is available and provides a link to download it?  That link wasn't there before.  The software added it, on the fly.  The Taobao ad, functionality-wise, is no different.  Sure, the Maxthon dev team should've thought ahead in deploying it, but it's in no way "dangerous," "risky," or indicative of any ability the browser has that every other piece of software you use doesn't also have.

Regarding (B):  If you're that fearful of Maxthon, avoiding QuickAccess isn't going to protect you.  It's your Web browser.  It could change or redirect your aliases as easily as it can change the QA page.  Heck, it could redirect your address bar.  There is no reason whatsoever to suspect that it would.  But if your fear is what Maxthon is capable of, then run and hide under the bed, because it's capable of doing any number of malicious things.  Just as any Web browser is.  As Ody said (very well) earlier in the thread, the issue is a possible breach of user trust, not a breach of security.  It's O.K. to think this was bad behavior on Maxthon's part; it's not O.K. to paint the browser as dangerous software.

Regarding (C):  Firefox is developed by the not-for-profit Mozilla Foundation, which means it actually doesn't have to make money.  There are operating expenses, sure, but that foundation is also eligible for grants and subsidies private companies like Maxthon aren't.

Regarding (D):  I can appreciate that.  I never asked for or wanted those features, either.  Nevertheless, we are voluntarily using a product called "Maxthon Cloud Browser," which makes no bones about its deep integration with the Web.

Clearly no one here is using Windows 10 - because as everyone knows its forced auto-updates is the worst thing ever to grace a PC *where's an eye-rolling smiley when you need one*

7twenty, I adore you.  Preach.

I dont use those either. They dont even work, they just mess up my favorites etc. and i cant delete that cloud data or account.

For me, it seems to be security issue if things can be added directly to my browser behind my back. Youll never know what kind of malware there can be. Even if it suppose to be safe. Its not about ad, it is how they add those stuff.

I can even handle that fact that my browser crash all the time (could be over 20 times per day) and i lost my tab history. Thats why i always open links to the new tab so if i lost tab history, that previous page is still there. It happened so often that im use to it now. Still this kind of thing isnt good. Nowadays even ads can be dangerous. 

It sounds like you may have more problems than the Taobao ad, Hobi.  If you haven't yet, you may want to open another thread here on the forum soliciting help and ideas.  (Something I recently learned about online Favorites and synchronization may interest you.)

I didn't mean to sound indifferent to the possibility of Maxthon behaving irresponsibly earlier.  You're right that people's concerns aren't about the Taobao ad but about the handling of their data and respect for their privacy.  To reiterate Ody's observation:  This isn't a security issue; it's a trust issue.

The best approach to trust issues is to talk them out with knowledgeable people (like those here in the forum and the devs when they chime in) to see if there's any real reason for concern — or, if you don't trust the product, stop using it.  My only advice would be:  If you're going to walk away, do it because of what malice you think Maxthon will perform on your computer, not what it can perform (because it and every other browser under the sun could steal and smash your personal data to tiny pieces if it wanted to).

Me, I trust Maxthon.  Mostly because I have no reason not to.  (So they showed me an annoying ad one time.  One of my best friends told me an annoying story the other day, and he still has the spare key to my house.)

Guys, the problem is not whether this ad annoying or not.

Most scary thing is developers can inject anything into browser without user consent.

Last time when I saw this behaviour was earthquake in China (asking for help; I agree that it was huge excuse) but Maxthon demonstrated it's creepy capability quite clear.

Currently I started moving out procedure to Chrome. I'm searching for extensions and roughly 80% of functionality I need already has been covered.

By the way, Chrome runs faster (scrolling is smooth) with Adblock Plus than Maxthon.

There are many good reasons for using Chrome — but privacy is not one of them.

Remember, search is Google's raison d'être, and advertising how it makes its money.  Chrome exists solely to serve ads to you and to figure out which ads to serve to you.

If one clunkily implemented ad on Maxthon's QuickAccess concerns you, Chrome is not the browser you want to switch to.  Maybe you should try the Tor Browser instead.

Link to comment
Share on other sites

now problem is that im adding this page to favorites and it keeps viewing me this s#!t from screenshot from above

for now is ok but  in few hours it will happen again and it did happen again in few hours

it's because people constantly create new threads about this issue, instead of searching or looking at the first few threads on the page - they're all getting merged into this one. If for some reason the merge goes backwards (to the new thread) then the title/URL changes. may even affect the thread ID even if the title stays the same.

You can go to the thread quickly by adding your profile page to your favourites, then click the link to the thread which is always updated from there.

Hopefully this will be resolved tomorrow and things can go back to normal.

 

It sounds like you may have more problems than the Taobao ad, Hobi.  If you haven't yet, you may want to open another thread here on the forum soliciting help and ideas.  

This. @hobi 

Link to comment
Share on other sites

Hi guys,

Sorry for the inconvenience brought to you.

The ads icon in quick access was meant for Chinese users. It was mistakenly pushed to international version of Maxthon.

It's not a virus, it is an advertisement  for the 11th of November (11/11) festival, mainly celebrated in China as Singles' Day ( for people who are single). It has become the largest online shopping for  Alibaba's sites Tmall and Taobao...

Do not worry, I'm talking to our team to see how this ad can be controlled and not be pushed to international users.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.