Do any of you BB heads use Google Play?
- You do realize that phishing attacks are far more prevalent on websites, right? If you don't want to use apps because of phishing concern, then why use websites?
Phishing is generally more difficult on apps, but users can help by not installing software from dodgy sites. The banks can also implement features that mitigate this risk quite a bit. Again, we have more options available to us in apps than websites.
You are expecting that every nontechnical user has a security agency behind him or her and does a security check on every single app developer whose app he or she uses.
Unrealistic expectations.
The security experts I hear often disagree with you. They l say that phones are less secure than computers and IoT will be an even bigger security nightmare.
But everyone is entitled to their opinion.03-10-16 09:07 AMLike 0 - "NICK FITZGERALD: Probably the most important thing is to not disable the built-in security control that by default Android devices don't let you install apps from third party app stores. They only let you install apps from the Google Play store. And this malware can't normally get on your phone unless you have disabled that."
This is not some fishing operation where all those millions of users decided to download apps from illegal websites.
This is a banking app problem. They said as much on TV, more details than in the link.03-10-16 09:11 AMLike 0 -
You are expecting that every nontechnical user has a security agency behind him or her and does a security check on every single app developer whose app he or she uses.
Unrealistic expectations.
The security experts I hear often disagree with you. They l say that phones are less secure than computers and IoT will be an even bigger security nightmare.
But everyone is entitled to their opinion.
If you're suggesting that people should not bank on their phones, then that's a different argument all together. Most of us need to bank on our phones for the same reasons we do many other things on our phones. We don't want to or can't wait until we get home to do it.03-10-16 09:19 AMLike 0 - They are talking about millions of accounts at Australia's biggest bank.
This is not some fishing operation where all those millions of users decided to download apps from illegal websites.
This is a banking app problem. They said as much on TV, more details than in the link.
You misunderstood the attack/threat. It's potentially dangerous for millions of users, but only if the user has the malware on his/her phone and also enters his/her own credentials into the phishing page.03-10-16 09:21 AMLike 0 - So on iOS and Android, we actually don't have access to files or an indentifiable deviceID. If you're uncomfortable
Again, this is not a phone vs. computer thing, this is a browser vs app thing. Of course phones face more risks than computers overall, which is why we prefer native apps vs websites since native apps give us more options to protect ourselves and our customers.
If you're suggesting that people should not bank on their phones, then that's a different argument all together. Most of us need to bank on our phones for the same reasons we do many other things on our phones. We don't want to or can't wait until we get home to do it.
So, if I want to bank from my computer, not from my phone, for enhanced security, you should give me the feature in the website, as you do now with all other features, much more critical than depositing a cheque.03-10-16 09:43 AMLike 0 -
What they mentioned on the air was the bank app being corrupted.
A different kettle of fish.
Of course they don't know exactly how many accounts have been affected, that is why they use "potentially" millions. But this is specific to an android app for only one Australian bank.
If it were some phishing scheme, they would not target just users of a particular bank app.
And here's another link that confirms indirectly that they can do whatever with the camera and microphone on you device, even on an iphone.
http://www.theguardian.com/technolog...as-microphones03-10-16 09:51 AMLike 0 - The phising part is neither in the TV announcement nor in the link I provided...
What they mentioned on the air was the bank app being corrupted.
A different kettle of fish.
Of course they don't know exactly how many accounts have been affected, that is why they use "potentially" millions. But this is specific to an android app for only one Australian bank.
If it were some phishing scheme, they would not target just users of a particular bank app.
And here's another link that confirms indirectly that they can do whatever with the camera and microphone on you device, even on an iphone.
FBI could force us to turn on iPhone cameras and microphones, says Apple | Technology | The Guardian
First from your first link and I quote:
The virus presents a fake version of the login screen when an Android user accesses their legitimate banking application.
And you should also read the second article you posted carefully. In the article Cue is saying that IF Apple complies with the govt request, then this would become a major security vulnerability (according to Apple).
Again, if you don't want your bank app to have access to your camera, you can turn off access to the camera. On iOS you can even grant access to the camera just for a check deposit and then turn it off again immediately afterwards if you like.03-10-16 09:59 AMLike 0 - Yes, if I deal with my investment accounts where my life savings are, I can make the extra effort to avoid using the phone.
So, if I want to bank from my computer, not from my phone, for enhanced security, you should give me the feature in the website, as you do now with all other features, much more critical than depositing a cheque.
So let's go back and understand this again. We do not make a native application for the PC. Most banks don't.
We can't make this feature in a web browser, because we can't make it safe within the browser. No major bank has been able to do this. This is not because PCs aren't powerful, it's because web browsers severely limit what we can do. Does that make sense?
Again, this is not a PC issue. This is a web browser issue. We could do what you want, but only if we made a native app. And even then, it wouldn't help you since you use Linux anyway.03-10-16 10:02 AMLike 0 - Again you are looking at the bank's interest, not the users'.
There is nothing unsafe about me loading a picture of a cheque through the browser to the bank.
Maybe the bank cannot verify the validity of the cheque, although I doubt it. Even know if I go in person with a foreign cheque they take a week or two to validate it. The worst that can happen is that they will cancel the cheque a few days later when the see that it is a fake, and charge the user a fee for the invalid cheque.
It is much riskier, both for the bank and for me,when I move 5000 dollars or more from one account to another while using the Web page, Yet I am allowed to transfer very large amounts of money through the website and the bank considers that safe.
So, no, I don't buy that you cannot write a piece of code (Whoever mention apps? Although an app is a program and a piece of code by any other name) to embed in your webpage to allow the user to upload a picture of a cheque worth tens, hundreds, and even thousands of dollars.Last edited by sorinv; 03-10-16 at 06:17 PM.
03-10-16 05:36 PMLike 0 - Again you are looking at the bank's interest, not the users'.
There is nothing unsafe about me loading a picture of a cheque through the browser to the bank.
Maybe the bank cannot verify the validity of the cheque, although I doubt it. Even know if I go in person with a foreign cheque they take a week or two to validate it. The worst that can happen is that they will cancel the cheque a few days later when the see that it is a fake, and charge the user a fee for the invalid cheque.
It is much riskier, both for the bank and for me,when I move 5000 dollars or more from one account to another while using the Web page, Yet I am allowed to transfer very large amounts of money through the website and the bank considers that safe.
So, no, I don't buy that you cannot write a piece of code (Whoever mention apps? Although an app is a program and a piece of code by any other name) to embed in your webpage to allow the user to upload a picture of a cheque worth tens, hundreds, and even thousands of dollars.03-10-16 06:27 PMLike 0 -
Again, you can call it by whatever name. This news is about one bank only and only that bank's android app, and potentially millions of users.
If it was phishing, it would have applied to other android banking apps and other banks and their users.
And you should also read the second article you posted carefully. In the article Cue is saying that IF Apple complies with the govt request, then this would become a major security vulnerability (according to Apple).
Again, if you don't want your bank app to have access to your camera, you can turn off access to the camera. On iOS you can even grant access to the camera just for a check deposit and then turn it off again immediately afterwards if you like.
That is not the case with android apps before marshmallows.
It seems that there has been a change of focus towards privacy since Tim Cook took the helm at Apple.
It is interesting and revealing to see the desperate reaction of the FBI and of other security and surveillance agencies (like GCHQ) who are seeing their toys being taken away from them. Apps are a big part of the infrastructure they rely on. They love them for their security holes.
Here are the most recent reactions from DOJ and Apple. I am looking forward to learning which part I missed in my reading of the text.
http://www.bbc.com/news/election-us-2016-35781044Last edited by sorinv; 03-10-16 at 09:53 PM.
03-10-16 06:31 PMLike 0 -
- I have avoided patching, but the unpatched apps I use work fine:
MS Office
OneNote
Starbucks
Second Cup
Haven't had a need for anything else, although I might load an Android version of TD Bank's app so I can photo deposit cheques. For everything else, I use mobile websites.
Posted via CB10 from my awesome Passport03-11-16 06:10 AMLike 0 - HTML 5 will one day mature, we'll have improved mobile websites, and a number of apps will no longer be necessary. So the "app gap" dilemma BB faces will become less significant, assuming BB is still making phones at that time.03-12-16 09:57 PMLike 0
- I was thinking of the same thing. With HTML5 taking over I can see all the APK files and other platform files all morphing into HTML5 to the point where any OS can get any html5 app store. Half of the apps I can do or get is html5 anyway.03-13-16 04:35 AMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Do any of you BB heads use Google Play?
« Why does my phone require an ID which was used when setting it up which I don't have?
|
Why won't full screen video ads stop (made progress I guess.)? »
Similar Threads
-
Q10 users, do you miss the toolbelt?
By loveallnight in forum BlackBerry Q10Replies: 42Last Post: 03-23-16, 12:05 PM -
I Will Use My Passport SE Until it Dies!
By Insync in forum BlackBerry PassportReplies: 55Last Post: 03-23-16, 07:29 AM -
SECOND Passport with screen lift issue... WTH BB?
By mihnead in forum BlackBerry PassportReplies: 19Last Post: 03-13-16, 05:42 PM -
Is there any version of 10.3... that not leaked and able to be downloaded officially?
By CrackBerry Question in forum Ask a QuestionReplies: 3Last Post: 03-06-16, 03:52 PM -
Priv Launcher vs BB Launcher
By mis3 in forum BlackBerry PrivReplies: 3Last Post: 03-06-16, 09:33 AM
LINK TO POST COPIED TO CLIPBOARD