Looks like we're getting email after all! (3rd party app)
- wow! this is cool! can't wait for my playbook and then to get this app! and as far as email and security is concerned, it doesn't matter who makes the app or even if it is third party. As long as I get my stuff from app world I know RIM has verified it and it has passed all their tests.
bashing a .com is so not called for!04-15-11 10:01 AMLike 0 - I would SURE hope that RIM will check any submitted apps in terms of security. In fact I'm sure they do. There's a reason why they aren't just going to allow Android apps to install from the Android App store. Instead they're vetting the apps, probably to make sure that malware won't ever make it onto the PlayBook. I wouldn't know why else they'd have this whole resubmitting procedure.
Note that I totally agree that installing something from a 3rd party source (as in: somewhere else than from BB AppWorld) is a BAD idea.04-15-11 11:53 AMLike 0 - Hey, look at all the .pk people who registered just to defend the app.
And honestly, I could care less where you're from. You could be in a garage in my own country and I wouldn't trust an app coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there that's easy to find from you guys, so it holds as a valid concern. There's a lot of neferious stealing of data happening behind the scenes via apps on both PCs and mobile devices. People should be made aware of such risks.
Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.
Ya, that's right, I think outside of the box... because I know how the smart ones think.04-15-11 12:09 PMLike 0 -
coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there
People should be made aware of such risks.
Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.
Ya, that's right, I think outside of the box... because I know how the smart ones think.
If your self congratulatory conclusion about knowing how the "smart ones think" were true, you would also know that there are numerous ways in which to discover a TCP or UDP socket initiation signature (or other form of outbound access) with a binary scanner, regardless of whether such initiation is time-delayed, along with the socket destination. You would also know that security testing routinely involves system time adjustments to find time-triggered easter eggs.
Anyway, there doesn't appear to be much point in actually have a discussion concerning security because apparently your inclination to wave hands and respond with "ooo noooo, .pk!!" is a tad too strong.
Cheers and hope you have the opportunity to travel a bit more and enjoy the world. It has a lot to offer.Last edited by mikeheinz; 04-15-11 at 09:38 PM.
04-15-11 09:21 PMLike 0 -
Posted from my CrackBerry at wapforums.crackberry.com04-15-11 11:30 PMLike 0 - Hey, look at all the .pk people who registered just to defend the app.
And honestly, I could care less where you're from. You could be in a garage in my own country and I wouldn't trust an app coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there that's easy to find from you guys, so it holds as a valid concern. There's a lot of neferious stealing of data happening behind the scenes via apps on both PCs and mobile devices. People should be made aware of such risks.
Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.
Ya, that's right, I think outside of the box... because I know how the smart ones think.
Posted from my CrackBerry at wapforums.crackberry.com04-15-11 11:32 PMLike 0 - Mike, your registration day was yesterday. You're only here to defend against what was said in this thread. Doesn't really matter anyway and like I said, hidden code can be in anything from anyone. Safe or unsafe, the point of my initial post still stands and people who posted in the thread agree with it. I honestly don't care if you agree with it or not, but if you're trying to defend your product, you're taking the wrong path already. People here can criticize anything they want to. People can form whatever opinion they want. People can share viewpoints as well.04-16-11 12:41 AMLike 0
- They actually don't. There were a number of apps and I think still are on AppWorld that have SPAM coding burried in them. JaradCo was the company that made them. There have been several posts about this a few weeks ago and CB actually took down their apps from their own store I think.
If I were an executive at RIM and I'd hear about malicious apps making it into AppWorld ... ****... some employees would be in trouble.04-16-11 01:04 AMLike 0 - Mike, your registration day was yesterday. You're only here to defend against what was said in this thread. Doesn't really matter anyway and like I said, hidden code can be in anything from anyone. Safe or unsafe, the point of my initial post still stands and people who posted in the thread agree with it. I honestly don't care if you agree with it or not, but if you're trying to defend your product, you're taking the wrong path already. People here can criticize anything they want to. People can form whatever opinion they want. People can share viewpoints as well.
I don't give two hoots about your opinion, JRSCCivic98. But I do resent discriminatory posts based on no factual information other than someone's nationality or race.
Are you familiar with one of the core tenets of most civilized societies, "Innocent until proven guilty". You can choose to live your life with reverse assumptions if that brightens your day. To each his own.04-16-11 01:17 AMLike 0
- Forum
- BlackBerry PlayBook Forums
- PlayBook Apps & Games
Looks like we're getting email after all! (3rd party app)
LINK TO POST COPIED TO CLIPBOARD